ROS-20260319-73-0017

A vulnerability in the normalexit function of the Grub2 operating system boot loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2023-54005

In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binderinit In binderinit, the destruction of binderallocshrinkerinit is not performed in the wrong path, which will cause memory leaks. So this commit introduces binderallocshrinkerexit and calls it in...

EUVD-2021-30603

Malicious code in bioql PyPI...

perf: Fix sample vs do_exit()

...

UBUNTU-CVE-2022-49277

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

PT-2024-35658 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the net/l2tp module, specifically in the l2tp exit net function. The problem occurs when the IDR ID...

CVE-2024-50119 cifs: fix warning when destroy 'cifs_io_request_pool'

In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifsiorequestpool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 freelargekmalloc+0xac/0xe0 RIP: 0010:freelargekmalloc+0xac/0xe0 Call Trace: ? warn+0xea/0x330...

CVE-2024-41004 tracing: Build event generation tests only as modules

In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock get a reference those event file reference in module init function, and unlock and delete it in module...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from allowing the exit function to be called without first checking for a valid pointer...

PT-2022-36602 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: The issue is related to the removal of exit for snd soc util exit in the ASoC soc-utils. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...

CVE-2021-43675

Lychee-v3 3.2.16 is affected by a Cross Site Scripting XSS vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...

Cross site scripting

dzzoffice 2.02.1SCUTF8 is affected by a Cross Site Scripting XSS vulnerability in explorerfile.php. The output of the exit function is printed for the user via exitjsonencode$return...

Cross site scripting

pictshare v1.5 is affected by a Cross Site Scripting XSS vulnerability in api/info.php. The exit function will terminate the script and print the message which has $REQUEST'hash'...

Thinkphp-Bjyblog 跨站脚本漏洞

Thinkphp-Bjyblog is an open source blog based on ThinkPhp developed by Baijunyao, an individual developer in China. A cross-site scripting vulnerability exists in Thinkphp-Bjyblog because the exit function in the product AdminBaseController.class.php file does not effectively filter input data. T...

Haschek Solutions Pictshare 跨站脚本漏洞

Haschek Solutions Pictshare is an open source image, Mp4, Pastebin hosting service from Haschek Solutions, Austria. A cross-site scripting vulnerability exists in Haschek Solutions Pictshare that stems from the exit function in the product api/info.php file not effectively filtering input data. T...

Yurunsoft YurunProxy 跨站脚本漏洞

Yurunsoft YurunProxy is a simple version of Ngrok from China's Yurunsoft, a Swoole-based intranet launcher that supports local WeChat development, Web development, and allows extranet access. A security vulnerability exists in Yurunsoft YurunProxy version 0.01, which originates from the program's...

Manage 跨站脚本漏洞

Manage is a simple login and registration system based on Vue-Cli and Thinkphp. A cross-site scripting vulnerability exists in manage, which stems from a cross-site scripting XSS vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script an...

Workerman-ThinkPHP-Redis Cross-Site Scripting Vulnerability

Workerman-ThinkPHP-Redis is an open source project consisting of the Workerman framework, the ThinkPHP framework, and Redis.Workerman-ThinkPHP-Redis is vulnerable to a cross-site scripting vulnerability that originates in the file Controller.class.php, where the exit function will terminate the...

Cross site scripting

Workerman-ThinkPHP-Redis last update Mar 16, 2018 is affected by a Cross Site Scripting XSS vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $GETC'VARJSONPHANDLER' then there is a XSS vulnerability...

Cross site scripting

twmap v2.91v4.33 is affected by a Cross Site Scripting XSS vulnerability. In file list.php, the exit function will terminate the script and print the message to the user. The message will contain $REQUEST then there is a XSS vulnerability...