34 matches found
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
Simple-CTF-THM-Writeup This repository is a complete walkthrough...
Linux Distros Unpatched Vulnerability : CVE-2024-26745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kerne...
DEBIAN-CVE-2025-37922
In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGE_SIZE A vmemmap altmap is a device-provided region used to provide backing storage for struct pages. For each namespace, the altmap should belong to that same namespace. ...
UBUNTU-CVE-2025-37922
In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGE_SIZE A vmemmap altmap is a device-provided region used to provide backing storage for struct pages. For each namespace, the altmap should belong to that same namespace. ...
CVE-2023-53086 wifi: mt76: connac: do not check WED status for non-mmio devices
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: do not check WED status for non-mmio devices WED is supported just for mmio devices, so do not check it for usb or sdio devices. This patch fixes the crash reported below: 21.946627 wlp0s3u1i3: authenticate wi...
CVE-2025-21713
CVE-2025-21713 affects the PowerPC/pSeries IOMMU path in the Linux kernel. The issue occurs when reusing the same vfio container across different IOMMU groups, where spapr_tce_set_window() may lead to cleanup that dereferences a null or invalid tbl, causing a kernel crash (NULL pointer dereferen...
CVE-2025-21713
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spapr_tce_set_window() returns -EPERM and the subsequent cleanup leads to t...
CVE-2022-49198
CVE-2022-49198 targets the Linux kernel’s mptcp path. According to multiple sources, the vulnerability stems from a race in __mptcp_alloc_tx_skb where skb->tcp_tsorted_anchor is initialized before the skb release path under memory pressure, causing kfree_skb to release the destination twice an...
CVE-2022-48811 ibmvnic: don't release napi in __ibmvnic_open()
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __ibmvnic_open() only clean up the work...
CVE-2022-48811
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __ibmvnic_open() only clean up the work...
CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsi_host_alloc()" changed the allocation logic to call put_device() to perform host cleanup with the...
CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsi_host_alloc()" changed the allocation logic to call put_device() to perform host cleanup with the...
CVE-2024-26859
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a race condition when...
CVE-2024-26859 net/bnx2x: Prevent access to a freed page in page_pool
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a race condition when...
CVE-2024-26859 net/bnx2x: Prevent access to a freed page in page_pool
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a race condition when...
CVE-2024-26745
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user page 0 - exploit attempt?...
CVE-2023-52499
In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...
CVE-2023-52499
In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...
CVE-2023-52499
In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...
Stop Spammers Security < 2022.6 - Unauthenticated PHP Object Injection
The plugin passes base64-encoded user input to the unserialize PHP function when CAPTCHA are used as second challenge, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain. To simulate a gadget chain, put the following code in a plugin class Evil...