64 matches found
twitter-server Cross-Site Scripting
twitter-server before 20.12.0 is vulnerable to cross-site scripting in some configurations. The vulnerability exists in the administration panel of twitter-server in the histograms component via server/handler/HistogramQueryHandler.scala. id: CVE-2020-35774 info: name: twitter-server Cross-Site...
CLSA-2026-1778276927 kernel: Fix of 33 CVEs
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 "tracing: fix double free" said, the "double free" problem reported by clang static analyzer is: In...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histograms: Add histograms to hist_vars if they reference variables. Triggers may have referenced variables without having direct variable fields. This can occur if referenced variables are added for trigger actions. In...
CLSA-2026-1773048865 kernel: Fix of 53 CVEs
xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mt_input_configured CVE-2024-58020 - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX CVE-2025-38201 - fs: writeback: fix use-after-free in __mark_inode_dirty...
openSUSE 16 Security Update : golang-github-prometheus-prometheus (openSUSE-SU-2026:20177-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20177-1 advisory. Update to version 3.5.0: Security issues fixed: - CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of...
SUSE-SU-2026:20232-1 Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus fixes the following issues: Update to version 3.5.0: Security issues fixed: - CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global (bsc#1257329). - CVE-2025-12816: interpretation conflict...
kernel: tracing/histograms: Fix memory leak problem
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 "tracing: fix double free" said, the "double free" problem reported by clang static analyzer is: In...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990109)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990109 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990009)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990009 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit...
EUVD-2023-60048
Nagios Log Server versions prior to 2.1.14 are vulnerable to cross-site scripting (XSS) via the Snapshots Page. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in the victim’s browser within the application...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986773)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986773 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986618 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit...
CVE-2023-53560
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
CVE-2023-53560 tracing/histograms: Add histograms to hist_vars if they have referenced variables
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
CVE-2023-53560
CVE-2023-53560 concerns the Linux kernel tracing subsystem, specifically the tracing/histograms feature. The issue arises when hist triggers reference variables that are not exposed as direct fields, such as when variables are added for trigger actions; in this case the new references may lack a ...
CVE-2023-53560 tracing/histograms: Add histograms to hist_vars if they have referenced variables
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not adding histograms with referenced variables to hist_vars, which could result in referenced variables being...
PT-2025-40702
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5.0-rc1. Description: The Linux kernel tracing subsystem contained a flaw in how histograms were handled with referenced variables. Specifically, hist triggers could have referenced variables without having direc...
EUVD-2022-54584
Malicious code in bioql PyPI...