CVE-2020-9299

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user...

SUSE CVE-2025-3931

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks,...

Improper Handling of Insufficient Permissions or Privileges

Overview Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the Dispatch function in the worker.go file. An attacker can escalate privileges and modify sensitive system data by sending unauthorized commands to manipulate the package...

Yggdrasil Vulnerable to Local Privilege Escalation

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks,...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass through the dispatchReadPump function. An attacker can execute arbitrary commands by sending specially crafted websocket requests. PoC echo -e '"type": "command", "content": "id"' |./websocat...

Malicious code in serverlog-dispatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6dcf491363258b87486dab0c11447d6bfd9cc41eda8ced61c5eaa12f683d688 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3584 Malicious code in serverlog-dispatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6dcf491363258b87486dab0c11447d6bfd9cc41eda8ced61c5eaa12f683d688 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...

CVE-2022-49759

The CVE-2022-49759 entry concerns the Linux kernel vmw_vmci/VMCI path: the vmci_dispatch_dgs() tasklet calls vmci_read_data(), which uses wait_event() and can sleep in atomic context, risking deadlock. The fix replaces tasklets with threaded IRQs and removes tasklets usage entirely. Impact center...

fprime 命令注入漏洞

fprime is a NASA open source framework for flight software and embedded systems. A security vulnerability exists in fprime v3.4.3, which stems from command injection in the Command Dispatch Service and could lead to an attacker executing arbitrary commands...

CVE-2025-2715 timschofield webERP Confirm Dispatch and Invoice Page ConfirmDispatch_Invoice.php cross site scripting

A vulnerability classified as problematic has been found in timschofield webERP up to 5.0.0.rc+13. This affects an unknown part of the file ConfirmDispatchInvoice.php of the component Confirm Dispatch and Invoice Page. The manipulation of the argument Narrative leads to cross site scripting. It i...

CVE-2025-2715

The CVE-2025-2715 entry describes a cross-site scripting flaw affecting timschofield webERP up to 5.0.0.rc+13, in ConfirmDispatch_Invoice.php (Narrative parameter). Remote exploitation is possible; multiple sources note the vulnerability and advise applying a patch. The initial disclosure indicat...

CLSA-2025-1741033614 libvirt: Fix of CVE-2024-2494

CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

CLSA-2025-1741032827 libvirt: Fix of CVE-2024-2494

CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

DEBIAN-CVE-2022-49176

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

UBUNTU-CVE-2022-49176

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

CVE-2022-49176 bfq: fix use-after-free in bfq_dispatch_request

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the bfqdispatchrequest function that could lead to arbitrary code execution...

CLSA-2025-1740230407 libvirt: Fix of 2 CVEs

CVE-2024-1441: fix off-by-one error in udevListInterfacesByStatus - CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

ROS-20250203-14

A vulnerability in the Action Dispatch component of the Ruby on Rails software platform is related to insufficient validation of user input in Action Dispatch. insufficient validation of user input data in Action Dispatch. Exploitation of the vulnerability could allow an attacker acting remotely ...