CVE-2026-7145

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

CVE-2026-7145

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

EUVD-2026-25896

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004042)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004042 advisory. In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 and 5.x before 5.2, there is a use-after-free write in the i915ppgttclose functi...

CVE-2022-50767

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufxopsdestroy function to .fbdestroy of fbops, and in this function, there is krefput that finally calls...

SUSE CVE-2025-40119

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if groupinfo slab cache allocation fails. Since...

UBUNTU-CVE-2025-40119

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if groupinfo slab cache allocation fails. Since...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990200)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990200 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989463 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memory leak during stateful obj update stateful objects can be updated...

CVE-2023-53498

In the provided documents, CVE-2023-53498 is described as a Linux kernel vulnerability in the AMD display driver (drm/amd/display). The issue arises when amdgpu_dm_fini() may dereference adev->dm.dc if the pointer is NULL, allowing a NULL pointer dereference. The remediation is a code fix that...

smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()

...

DEBIAN-CVE-2025-39692

In the Linux kernel, the following vulnerability has been resolved: smb: server: split ksmbdrdmastoplistening out of ksmbdrdmadestroy We can't call destroyworkqueuesmbdirectwq; before stopsessions! Otherwise already existing connections try to use smbdirectwq as a NULL pointer...

CVE-2023-23087

An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function...

UBUNTU-CVE-2024-56561

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pciepcdestroy pciepcdestroy invokes pcibusreleasedomainnr to release the PCI domain ID, but there are two issues: - 'epc-dev' is passed to pcibusreleasedomainnr which was already freed ...

DEBIAN-CVE-2022-48933

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix memory leak during stateful obj update stateful objects can be updated from the control plane. The transaction logic allocates a temporary object for this purpose. The -init function was called for this...

CVE-2024-26910

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...

CVE-2024-26910 netfilter: ipset: fix performance regression in swap operation

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...

CVE-2024-26910 netfilter: ipset: fix performance regression in swap operation

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test", commit 28628fa9 fixes a race condition. But the synchronizercu add...

PT-2024-13746 · Cesanta · Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta mjs version 2.20.0 Description: An issue in Cesanta mjs allows a remote attacker to cause a denial of service via the mjs destroy function in the msj.c file. Recommendations: For Cesanta mjs version 2.20.0, consider disabling the mjs...

CVE-2023-48024

Liblisp through commit 4c65969 was discovered to contain a use-after-free vulnerability in void hashdestroyhashtablet h at hash.c...