14 matches found
SUSE CVE-2026-43262
In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2fiemap, we are calling iomapfiemap while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers a page...
EUVD-2026-27659
In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2fiemap, we are calling iomapfiemap while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers a page...
PT-2026-37602
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the gfs2 fiemap function where iomap fiemap is called while the inode glock global lock is held. This can result in recursive glock acquisition if the fiemap buffer is...
PT-2025-5202 · Unknown · Notfound Lockets
Name of the Vulnerable Software and Affected Versions: NotFound Lockets versions n/a through 0.999 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. Recommendations: For versions n/a...
sched/core: Disable page allocation in task_tick_mm_cid()
...
PT-2025-5049 · Unknown · Mind3Dom Ryebread Widgets
Name of the Vulnerable Software and Affected Versions: Mind3doM RyeBread Widgets versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows reflected XSS. This problem affects Mind3d...
PT-2025-3182 · Unknown · Irshad Services
Name of the Vulnerable Software and Affected Versions: Irshad Services versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting'. This allows for Reflected XSS, where an attacker can inject...
PT-2025-3180 · Foliovision · Fv Descriptions
Name of the Vulnerable Software and Affected Versions: Foliovision FV Descriptions versions n/a through 1.4 Description: The issue affects Foliovision FV Descriptions, allowing Reflected XSS due to improper neutralization of input during web page generation. This is a type of Cross-site Scripting...
PT-2024-34756 · Unknown · Andrew Connell Trademe Widgets
Name of the Vulnerable Software and Affected Versions: Andrew Connell TradeMe widgets versions n/a through 1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in Andrew Connell...
PT-2024-22777 · Unknown · Campcodes House Rental Management System
Name of the Vulnerable Software and Affected Versions: Campcodes House Rental Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown functionality of the file index.php. The manipulation of the page argument leads to file inclusion. The attack ca...
PT-2024-22733 · Woocommerce · Woocommerce Google Feed Manager
Name of the Vulnerable Software and Affected Versions: WooCommerce Google Feed Manager versions n/a through 2.2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...
PT-2023-16514 · WordPress · Newsletter Popup
Name of the Vulnerable Software and Affected Versions: The Newsletter Popup WordPress plugin versions 1.2 and earlier Description: The issue concerns a lack of CSRF checks in certain areas of the plugin, which could allow attackers to perform unwanted actions on behalf of logged-in users through...
PT-2022-27345 · Unknown · Rukovoditel
Name of the Vulnerable Software and Affected Versions: Rukovoditel version 3.2.1 Description: The issue is related to a stored cross-site scripting XSS vulnerability in the Add Page function at "/index.php?module=help pages/pages&entities id=24". This allows attackers to execute arbitrary web...
PT-2021-18698 · Evolucare · Evolucare Ecsimaging
Name of the Vulnerable Software and Affected Versions: EVOLUCARE ECSIMAGING aka ECS Imaging versions 6.21.5 and earlier Description: The issue is related to an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The file parameter on the webpage "/showfile.php" ca...