107 matches found
CVE-2023-53791
In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...
CVE-2023-53791 md: fix warning for holder mismatch from export_rdev()
In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a holder mismatch issue in the exportrdev function...
PT-2025-49651
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc2-00121-g01e55c376936-dirty Description The Linux kernel contains an issue related to a holder mismatch within the export rdev function in the md multiple device subsystem. A warning occurs when claim rde...
CVE-2025-48615
Technical details (affected product/version, root cause, exploitability, impact, patch) for CVE-2025-48615 are not publicly provided in the supplied documents. The CVE is referenced in patch previews but no specifics are available here.
PT-2025-43493
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation. Exploitation of this issue may allow an attacker to escalate privileges...
EUVD-2025-26183
Malicious code in bioql PyPI...
EUVD-2023-54299
Malicious code in bioql PyPI...
CVE-2025-40702
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40702 Cross-Site Scripting (XSS) vulnerability in OpenAtlas by ACDH-CH
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
CVE-2025-40702
OpenAtlas v8.9.0 (ACDH-CH) is affected by a Cross‑Site Scripting (XSS) flaw caused by inadequate validation of user input in a POST to the /insert/file endpoint, specifically via the creator and license_holder parameters. Multiple sources (NVD, Red Hat, CVE lists, and OSV) confirm the vulnerabili...
PT-2025-35203
Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0 Description: A Cross-Site Scripting XSS issue exists in OpenAtlas due to insufficient validation of user input received through POST requests. This could allow a remote user to send crafted queries to an authenticated...
CVE-2023-47799
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the...
Malicious code in f0-state-holder-duke (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf4c907badcc403327c3447b84119be860f10f1e085424b05ae27f1c65343715 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2760 Malicious code in f0-state-holder-duke (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf4c907badcc403327c3447b84119be860f10f1e085424b05ae27f1c65343715 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the bd_link_disk_holder() function in the block/holder.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the bdlinkdiskholder function in the block/holder.c module of the Linux kernel leads to mutual locking issues. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-51746
Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. gitsign may select the wrong Rekor entry to use during online verification when multiple entries are returned by the log. gitsign uses Rekor's search API to fetch entries that apply to a signature...
SUSE: Security Advisory (SUSE-SU-2024:2983-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in dialog-holder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7bce8075d6c7b197200b3f0fc05f5aa1b20b23ace29604b477a33c5a8295cce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-2092 Malicious code in dialog-holder (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7bce8075d6c7b197200b3f0fc05f5aa1b20b23ace29604b477a33c5a8295cce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...