253 matches found
CVE-2025-21910 wifi: cfg80211: regulatory: improve invalid hints checking
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking. Syzbot keeps reporting an issue [1] that occurs when erroneous symbols sent from userspace get through into user_alpha2[] via the regulatory_hint_user() call. Such invalid regulatory...
CVE-2025-21910
CVE-2025-21910 affects the Linux kernel (wifi: cfg80211: regulatory) where invalid user regulatory hints could pass through via regulatory_hint_user() into user_alpha2[]. The root cause involves isalpha() handling non-Latin symbols and a subsequent toupper() mutation that bypassed a prior check. ...
CVE-2025-21910
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking. Syzbot keeps reporting an issue [1] that occurs when erroneous symbols sent from userspace get through into user_alpha2[] via the regulatory_hint_user() call. Such invalid regulatory...
Vulnerabilities in the SQLite hints and ETRN serialization functions of the Exim mail server that allow attackers to cause service interruptions
The vulnerabilities of SQLite’s hints and Exim mail server’s ETRN serialization are related to the lack of measures taken to protect the SQL query structure. Exploiting these vulnerabilities can allow a malicious actor to cause service failures by sending specially crafted SQL queries...
CVE-2025-26794
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...
CVE-2025-26794
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...
DEBIAN-CVE-2025-26794
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...
UBUNTU-CVE-2025-26794
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...
SUSE CVE-2025-26794
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations...
PT-2025-7615
Name of the Vulnerable Software and Affected Versions: Exim versions 4.98 through 4.98.0 Description: The issue allows remote SQL injection when SQLite hints and ETRN serialization are used. This could potentially allow a remote attacker to perform SQL injection, possibly stealing sensitive data or...
Exim security vulnerability
Exim is an open source mail transfer agent (MTA) from the Exim open source project that runs on Unix systems and is responsible for routing, forwarding and delivering mail. A security vulnerability exists in Exim prior to version 4.98.1 that stems from allowing remote SQL injection when using SQLite hints and ETRN...
exim -- SQL injection
[email protected] reports: Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection...
CVE-2024-51639
Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog naver-blog-api allows Stored XSS. This issue affects Naver Blog: from n/a through <= 1.0...
PT-2025-4311 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the io_uring/net component, where the kmsg->msg.msg_inq variable may be used uninitialized. This can occur...
DRUPAL-CORE-2024-007
Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...