756 matches found
UBUNTU-CVE-2021-47552
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue in blk_cleanup_queue, instead of delaying to cancel dispatch work in...
CVE-2021-47552
CVE-2021-47552 – Linux kernel: The vulnerability stems from blk-mq dispatch cancellation logic. Previously, blk_mq_quiesce_queue() was not invoked in blk_cleanup_queue(), delaying cancellation to disk_release(), which allowed a race where a scsi_device could be freed before blk_release_queue() r...
CVE-2021-47552 blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue in blk_cleanup_queue, instead of delaying to cancel dispatch work in...
UBUNTU-CVE-2024-35944
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dg_dispatch_as_host Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write size 56 of single field "&dg_info->msg" at drivers/misc/vmw_vmci/vmci_datagram.c:237 size 24...
SQL Injection Vulnerability in the Command and Dispatch Management Platform of Fujian Qualicom Communications Co.
Fujian Qualicom Communication Co., Ltd. is a solution provider and service operator focusing on professional communication. A SQL injection vulnerability exists in the Command and Dispatch Management Platform of Fujian Qualicom Communications Co. Ltd, which can be exploited by attackers to obtain...
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
...
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
Impact: Undici cleared Authorization and Proxy-Authorization headers for fetch, but did not clear them for undici.request. Patches: This has been patched in https://github.com/nodejs/undici/commit/6805746680d27a5369d7fb67bc05f95a28247d75. Fixes have been released in v5.28.4 and v6.11.1. Workarounds...
Internet Bug Bounty: [CVE-2024-26142] ReDoS vulnerability in Accept header parsing in Action Dispatch
A ReDoS vulnerability was discovered in the Accept header parsing in Action Dispatch. The vulnerability was assigned the CVE identifier CVE-2024-26142. Affected versions were 7.1.0 to 7.1.3, while versions prior to 7.1.0 and 7.1.3.1 and later were not affected. The vulnerability was reported and ...
CVE-2024-2622
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterprise_uuid leads to sql injection. It is...
CVE-2024-2622
The CVE-2024-2622 entry concerns Fujian Kelixin Command and Dispatch Platform up to 20240318, with an SQL injection in /api/client/editemedia.php where the attacker can manipulate the number/enterprise_uuid parameter. This allows remote exploitation and has been disclosed publicly. Affected compo...
CVE-2024-2622 Fujian Kelixin Communication Command and Dispatch Platform editemedia.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterprise_uuid leads to sql injection. It is...
CVE-2024-2621 Fujian Kelixin Communication Command and Dispatch Platform pwd_update.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwd_update.php. The manipulation of the argument uuid leads to sql injection. The atta...
CVE-2024-2621
The vulnerability CVE-2024-2621 affects Fujian Kelixin Communication Command and Dispatch Platform (versions up to 20240318). The issue concerns an SQL injection in the file api/client/user/pwd_update.php, triggered by manipulating the uuid argument. Exploitation may be possible remotely and publ...
CVE-2024-2620 Fujian Kelixin Communication Command and Dispatch Platform down_file.php sql injection
A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of the file api/client/down_file.php. The manipulation of the argument uuid leads to sql injection. The...
CVE-2024-2620
CVE-2024-2620 affects Fujian Kelixin Communication Command and Dispatch Platform (up to 20240318). Affected is the file api/client/down_file.php; manipulating the uuid parameter triggers a SQL injection. Exploitability is remote and exploit has been disclosed publicly (VDB-257197). Multiple sourc...
Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability
Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform of Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...