Lucene search

81 matches found

CVE
added 2025/09/15 2:49 p.m. · 9 views

CVE-2022-50337

The CVE-2022-50337 issue affects the Linux kernel OCXL path: get_function_0() calls pci_get_domain_bus_and_slot(), which returns a PCI device with an incremented refcount. If pci_dev_put() is not called, a refcount leak can occur. The fixes add device reference handling and ensure calls to pci_de...

5.5 CVSS · 6 AI score · 0.00021 EPSS
Exploits 0 · References 5 · Affected Software 1
Positive Technologies
added 2025/09/15 12:0 a.m. · 1 views

PT-2025-37639

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The get_function_0() function in the Linux kernel contains a potential PCI device reference count leak. The function calls pci_get_domain_bus_and_slot(), which increments the reference cou...

6 AI score · 0.00021 EPSS
Exploits 0 · References 7
Positive Technologies
added 2025/09/08 12:0 a.m. · 5 views

PT-2025-44098

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the pinctrl subsystem where the return value of the pinmux_ops::get_function_name function is not adequately checked. The pinmux_generic_get_function...

6 CVSS · 5.8 AI score · 0.00063 EPSS
Exploits 0
Vulnrichment
added 2025/08/15 2:2 a.m. · 2 views

CVE-2025-9001 LemonOS HTTP Client main.cpp HTTPGet stack-based overflow

A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be...

6.9 CVSS · 7.3 AI score · 0.00342 EPSS
Exploits 1 · References 5
Snyk
added 2025/05/28 10:54 a.m. · 1 views

Server-Side Request Forgery (SSRF)

Overview: mcp-markdownify-server is a Model Context Protocol (MCP) server that converts various file types and web content to Markdown format. It provides a set of tools to transform PDFs, images, audio files, web pages, and more into easily readable and shareable Markdown text. Affected versions of...

8.2 CVSS · 5.8 AI score · 0.00209 EPSS
Exploits 0 · References 2
SUSE CVE
added 2025/02/28 2:24 a.m. · 1 views

SUSE CVE-2024-52557

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get(). This patch fixes a potential integer overflow in the zynqmp_dp_rate_get(). The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bi...

5.5 CVSS · 6.8 AI score · 0.0002 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-49241

Name of the Vulnerable Software and Affected Versions: duc (affected versions not specified). Description: A stack buffer overflow exists in the buffer_get function of duc, a disk management tool. A condition can evaluate to true due to underflow, leading to an out-of-bounds read. Recommendations: At t...

7.5 CVSS · 6.8 AI score · 0.00107 EPSS
Exploits 1 · References 21
OSV
added 2024/11/27 12:15 p.m. · 1 views

DEBIAN-CVE-2024-42327

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is availabl...

9.9 CVSS · 8.7 AI score · 0.91398 EPSS
Exploits 13 · References 1
Positive Technologies
added 2024/10/03 12:0 a.m. · 1 views

PT-2024-41488 · Gnu +1 · Linux +1

A vulnerability in the ea_get function of the JFS file system (fs/jfs/xattr.c) in the Linux operating system kernel stems from incorrect handling of data read from a corrupted file system image. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected informati...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 2
SUSE CVE
added 2024/09/14 2:51 a.m. · 1 views

SUSE CVE-2024-46685

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function(). pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...

5.5 CVSS · 6.5 AI score · 0.00024 EPSS
Exploits 0 · References 17
OSV
added 2024/09/13 6:15 a.m. · 1 views

AZL-49286 CVE-2024-46685 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function(). pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...

5.5 CVSS · 6.4 AI score · 0.00024 EPSS
Exploits 0 · References 1
OSV
added 2024/09/13 6:15 a.m. · 1 views

DEBIAN-CVE-2024-46685

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function(). pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...

5.5 CVSS · 5.7 AI score · 0.00024 EPSS
Exploits 0 · References 1
RedhatCVE
added 2024/05/23 11:10 a.m. · 18 views

CVE-2023-52794

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for max_idle. KASAN reported this: [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90 [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105...

4.4 CVSS · 6.5 AI score · 0.00097 EPSS
Exploits 0 · References 4
CNNVD
added 2024/05/17 12:0 a.m. · 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not adding a missing error check to ctlget...

5.5 CVSS · 6.4 AI score · 0.00019 EPSS
Exploits 0 · References 8
Positive Technologies
added 2023/12/03 12:0 a.m. · 2 views

PT-2023-35625 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified, which can cause a crash. The crash occurs in the H5T bit copy, H5T bit get d, and H5T conv f f functions. Recommendations: At the moment,...

7.4 AI score
Exploits 0 · References 2
Positive Technologies
added 2023/10/10 12:0 a.m. · 2 views

PT-2023-9467 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a race condition in the NFC component of the Linux kernel, specifically in the nfc_llcp_sock_get and nfc_llcp_sock_get_sn functions. This can lead to a Use Afte...

8.4 CVSS · 7.3 AI score · 0.0072 EPSS
Exploits 11 · References 1913
vulnersOsv
added 2023/09/27 8:16 p.m. · 0 views

chai (=4.0.0-canary.1), chai-project (=1.0.0) +2 more potentially affected by CVE-2023-43646 via get-func-name (>=1.0.0 <=2.0.0)

get-func-name NPM version =1.0.0, =1.0.1, =1.0.0, =1.0.4 Source cves: CVE-2023-43646 Source advisory: OSV:GHSA-4Q6P-R6V2-JVC5...

8.6 CVSS · 6.7 AI score · 0.01353 EPSS
Exploits 1
OSV
added 2023/09/27 8:16 p.m. · 0 views

GHSA-4Q6P-R6V2-JVC5 Chaijs/get-func-name vulnerable to ReDoS

The current regex implementation for parsing values in the module is susceptible to excessive backtracking, leading to potential DoS attacks. The regex implementation in question is as follows: js const functionNameMatch = /\sfunction?:\s|\s/^?:/+\/\s^\s/+/; This vulnerability can be exploited...

7.5 CVSS · 6.8 AI score · 0.01353 EPSS
Exploits 1 · References 5
OSV
added 2023/09/27 3:19 p.m. · 1 views

DEBIAN-CVE-2023-43646

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service (ReDoS) vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

7.5 CVSS · 6.1 AI score · 0.01353 EPSS
Exploits 1 · References 1
NVD
added 2023/09/27 3:19 p.m. · 14 views

CVE-2023-43646

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service (ReDoS) vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

8.6 CVSS · 8.3 AI score · 0.01353 EPSS
Exploits 1 · References 2