CVE-2023-23763

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to...

CVE-2022-35589

A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...

CVE-2021-28931

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

CVE-2020-13633

Fork before 5.8.3 allows XSS via navigationtitle or title...

CVE-2019-15521

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...

CVE-2018-5215

Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...

CVE-2012-1208

Multiple cross-site scripting XSS vulnerabilities in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allow remote attackers to inject arbitrary web script or HTML via the 1 report parameter to blog/settings or 2 error parameter to users/index...

On the (In)Security of Proofs-Of-Space Based Longest-Chain Blockchains

The Nakamoto consensus protocol underlying the Bitcoin blockchain uses proof of work as a voting mechanism. Honest miners who contribute hashing power towards securing the chain try to extend the longest chain they are aware of. Despite its simplicity, Nakamoto consensus achieves meaningful...

Multiple Proposer Transaction Fee Mechanism Design: Robust Incentives against Censorship and Bribery

Censorship resistance is one of the core value proposition of blockchains. A recurring design pattern aimed at providing censorship resistance is enabling multiple proposers to contribute inputs into block construction. Notably, Fork-Choice Enforced Inclusion Lists FOCIL is proposed to be include...

CVE-2025-48027

The CVE-2025-48027 entry concerns the HttpAuth plugin in pGina.Fork up to version 3.9.9.12. Affected component is the HttpAuth plugin used by pGina.Fork; root cause is authentication bypass when an adversary controls DNS resolution for pginaloginserver. Documents from multiple sources confirm the...

SUSE CVE-2022-49852

In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s12 array in threadstruct when fork. A...

DEBIAN-CVE-2022-49852

In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s12 array in threadstruct when fork. A...

UBUNTU-CVE-2022-49852

In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s12 array in threadstruct when fork. A...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear the array of threadstruct when a process is forked in the riscv architecture, which could...

SUSE CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

DEBIAN-CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

AZL-69551 CVE-2025-22090 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

UBUNTU-CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

CVE-2025-22090

CVE-2025-22090 affects the Linux kernel x86 PAT handling in fork() paths (copy_page_range). When track_pfn_copy() fails, the code previously could stumble over a dst VMA with no reservation or copied pages, causing untrack_pfn() to read PAT info from an unmapped page table. The documented fix: se...