40 matches found
CVE-2026-41580 Stirling-PDF: Reflected XSS through crafted PDF metadata fields (Title and Author)
Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. Prior to 2.0.0, Stirling-PDF's /get-info-on-pdf endpoint rendered PDF Title and Author metadata fields without proper HTML encoding or sanitization, allowing a crafted PDF to execute...
CVE-2026-53647 FOSSBilling vulnerable to unauthenticated API key configuration disclosure via guest Serviceapikey get_info endpoint
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest serviceapikey/getinfo API endpoint is accessible without authentication. Any caller with a valid API key can retrieve all custom configuration parameters custom fields stored in the...
Linux Distros Unpatched Vulnerability : CVE-2026-53203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when check...
SUSE CVE-2026-53203
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987369)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987369 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantechchangereportid The array param in...
CVE-2023-53399
CVE-2023-53399 affects the Linux kernel’s ksmbd component, specifically a NULL pointer dereference in smb2_get_info_filesystem(). The issue occurs when share is present but share->path is NULL, which can trigger a crash. The connected sources consistently describe the vulnerability as resolved...
SUSE-SU-2025:20436-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 - CVE-2024-50301: security/keys:...
SUSE-SU-2025:20450-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 - CVE-2024-50301:...
SUSE CVE-2023-53035
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfsioctlwrapcopy The ioctl helper function nilfsioctlwrapcopy, which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...
netfilter: Fix use-after-free in get_info()
...
DEBIAN-CVE-2024-50257
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...
AZL-53304 CVE-2024-50257 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...
UBUNTU-CVE-2024-50257
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...
CVE-2024-46937
An improper access control IDOR vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server SAS 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the...
UBUNTU-CVE-2021-47097
In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantechchangereportid The array param in elantechchangereportid must be at least 3 bytes, because elantechreadregparams is calling ps2command with PSMOUSECMDGETINFO, that is goi...
NethServer nethserver-phonenehome SQL注入漏洞
nethserver-phonenehome is an open source application for NethServer. It is used to track all NethServer installations worldwide. NethServer nethserver-phonenehome suffers from a SQL injection vulnerability that originates from a security issue in the function getinfo/getcountrycoor in the file...
PT-2023-12417 · Unknown · Nethserver
Name of the Vulnerable Software and Affected Versions: NethServer phonenehome affected versions not specified Description: A critical issue affects the function get info/get country coor of the file server/index.php, leading to sql injection. Recommendations: Apply a patch to fix this issue. As a...
Debian DSA-5211-1 : wpewebkit - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5211 advisory. - An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32792 - The issue was addressed with improved UI handling. CVE-2022-32816 No...
CVE-2022-27571
Heap-based buffer overflow vulnerability in sheifdgetinfoimage function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker...
AZL-6574 CVE-2021-3573 affecting package kernel for versions less than 5.10.78.1-1
A use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hciunregisterdev together with one of the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo,...