SUSE CVE-2026-31446

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...

CVE-2026-31446

CVE-2026-31446 is a Linux kernel/ext4 vulnerability describing a use-after-free in update_super_work during unmount races. The root cause: update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() after ext4_unregister_sysfs() frees the kobject, leading to a stale kernfs_node access....

CVE-2025-23902

Cross-Site Request Forgery CSRF vulnerability in Taras Dashkevych Error Notification error-notification allows Cross Site Request Forgery.This issue affects Error Notification: from n/a through = 0.2.7...

EUVD-2020-24972

Malware in sbrugna...

EUVD-2025-3520

Malicious code in bioql PyPI...

Malicious code in http-err-notification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7a2e55871b065fdb7fedf48404b81400a55e30b5682d2f1f52f4518ef24058b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2020-3701

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130...

CVE-2025-24344

The CVE-2025-24344 entry concerns the ctrlX OS web application where a vulnerability lies in the error notification messages. The issue allows a remote, unauthenticated attacker to inject arbitrary HTML tags and, potentially, execute client-side code within another user’s browser through a crafte...

CVE-2025-23902

Cross-Site Request Forgery CSRF vulnerability in Taras Dashkevych Error Notification error-notification allows Cross Site Request Forgery.This issue affects Error Notification: from n/a through = 0.2.7...

CVE-2025-23902 WordPress Error Notification plugin <= 0.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Taras Dashkevych Error Notification error-notification allows Cross Site Request Forgery.This issue affects Error Notification: from n/a through = 0.2.7...

CVE-2025-23902

CVE-2025-23902 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Error Notification (Taras Dashkevych). Affected versions are listed as up to 0.2.7 (scope: from n/a through 0.2.7). The Red Hat advisory confirms the same CVE and description. There are no connected...

CVE-2025-23902 WordPress Error Notification plugin <= 0.2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Taras Dashkevych Error Notification error-notification allows Cross Site Request Forgery.This issue affects Error Notification: from n/a through = 0.2.7...

WordPress Error Notification plugin <= 0.2.7 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Error Notification versions = 0.2.7...

WordPress plugin Error Notification 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

Cyclos 4 PRO Cross-Site Scripting Vulnerability (CNVD-2022-77956)

Cyclos 4 PRO is a web server. a cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which stems from a failure to validate user input during error notification. A remote, unauthenticated attacker could execute javascript code via undefine enumeration constants...

Cyclos 4 PRO 跨站脚本漏洞

Cyclos 4 PRO is a web server. a cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which stems from a failure to validate user input during error notification. A remote, unauthenticated attacker could execute javascript code via undefine enumeration constants...

CVE-2020-3701

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130...

Design/Logic Flaw

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130...

CVE-2020-3701

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130...

Cross-site Scripting (XSS)

Central Dogma is vulnerable to cross-site scripting XSS. It does not escape the arg.message parameter in error notification messages, allowing an attacker to inject arbitrary script through it...