11 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/mm/fault: Fixed the reporting of kfence page faults. The copyfromkernelnofault function can be called when reading /proc/kcore. /proc/kcore may contain kfence objects that are not mapped, and reading these objects via...
SUSE CVE-2023-53789
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer...
CVE-2023-53789 iommu/amd: Improve page fault error reporting
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer...
EUVD-2024-53326
Malicious code in bioql PyPI...
SUSE CVE-2022-49214
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...
SUSE CVE-2024-56678
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copyfromkernelnofault can be called when doing read of /proc/kcore. /proc/kcore can have some unmapped kfence objects which when read via copyfromkernelnofault can cause page...
UBUNTU-CVE-2024-41096
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msicapabilityinit KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in pcienablemsirange+0x2c0/0x488 Use-after-free read at 0x0000000024629571 in kfence-12: pcienablemsirange+0x2c0/0x488...
SQL Injection Vulnerability in Qixing Fault Reporting System (WeChat Public Version) 40.0
Servicedesk can be used as an enterprise fault reporting platform. The system supports secondary authentication, problem statistics, WeChat notification and other functions. A SQL injection vulnerability exists in Qixing Fault Reporting System WeChat Public Version 40.0, which can be exploited by...
SQL injection vulnerability in the frontend Ti***_ne***.aspx page of Qixing Trouble Repair System
Qixing Fault Reporting System is a platform based on ASP.NET language to help organizations to report faults. A SQL injection vulnerability exists in the frontend Tine.aspx page of the Qixing Fault Reporting System, which can be exploited by attackers to obtain sensitive information from the...
SQL Injection Vulnerability in Ca***.aspx Page of Qixing Fault Reporting System
Qixing Fault Reporting System is a platform based on ASP.NET language to help organizations to report faults. A SQL injection vulnerability exists in the Ca.aspx page of the Qixing Fault Reporting System, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in ar***.aspx Page of Qixing Fault Reporting System
Qixing Fault Reporting System is a platform based on ASP.NET language to help organizations to report faults. A SQL injection vulnerability exists in the ar.aspx page of the Qixing Fault Reporting System, which can be exploited by attackers to obtain sensitive information from the database...