Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...

CVE-2026-2944 Tosei Online Store Management System ネット店舗管理システム HTTP POST Request monitor.php system os command injection

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

Tosei Online Store Management System 操作系统命令注入漏洞

Tosei Online Store Management System is an online store management system developed by Tosei Corporation. Version 1.01 of the Tosei Online Store Management System contains a vulnerability related to operating system command injection. This vulnerability arises from incorrect handling of the...

CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

CVE-2026-23013

CVE-2026-23013 pertains to the Linux kernel: in the octeon_ep_vf IRQ handling, the rollback path frees IRQs with a mismatched dev_id, using the literal 'oct' instead of the original ioq_vector. This can leave irqaction registrations alive, causing a use-after-free or crash when the interrupt fire...

CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

EUVD-2025-31840

Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information...

AZL-74754 CVE-2025-39911 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40evsirequestirqmsix error path If requestirq in i40evsirequestirqmsix fails in an iteration later than the first, the error path wants to free the IRQs requested so far. However, it uses the wrong devid...

CVE-2025-39911

CVE-2025-39911 : Linux kernel i40e driver fix for IRQ freeing in i40e_vsi_request_irq_msix error path. If request_irq() fails after the first iteration, the error path frees IRQs with the wrong dev_id, causing IRQs to remain freed incorrectly and triggering a WARNING: “Trying to free already-free...

Linux Distros Unpatched Vulnerability : CVE-2023-52868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these...

CVE-2023-52868

In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...

PT-2022-14460 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the BuildDevIDResponse function of miscdatabuilder.cpp due to a missing bounds check. This could lead to remote code execution with no additional execution...