18 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/x86: Fixed NULL pointer access and potential loss of PEBS records When the function intelpmudrainpebsicl is called to drain PEBS records, the function perfeventoverflow may be called to process the last PEBS record. Durin...
PT-2026-30130
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86 pmu enable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP: x86 pe...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32057 OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
SUSE CVE-2025-68375
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...
CVE-2025-68375
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...
CVE-2025-68375 perf/x86: Fix NULL event access and potential PEBS record loss
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...
CVE-2025-68375 perf/x86: Fix NULL event access and potential PEBS record loss
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...
CVE-2025-68375
CVE-2025-68375 : In the Linux kernel perf/x86 subsystem, draining PEBS records can trigger perf_event_overflow(), which may throttle and stop a group’s events. This can clear pointers in cpuc->events[] to NULL, risking NULL pointer access when a second PEBS event in the same group is processed...
Linux Distros Unpatched Vulnerability : CVE-2025-68375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from null event access and potential PEBS record loss, which could result in the event pointer being cleared...
CVE-2024-1316
The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...
usb: dwc3: core: Prevent USB core invalid event buffer address access
...
PT-2024-24351 · Unknown · Matrix-Appservice-Irc
Name of the Vulnerable Software and Affected Versions: matrix-appservice-irc versions prior to 2.0.0 Description: The issue allows a malicious user to leak the truncated body of a message if they send a Matrix reply to an event ID they don't have access to. The malicious user needs to know the...
PT-2022-13111 · Moodle +1 · Moodle +1
Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.4 Moodle versions 3.10 to 3.10.8 Moodle versions 3.9 to 3.9.11 Moodle versions earlier than 3.9 Description: A flaw was found in the calendar:manageentries capability, which allowed managers to access or modify an...