Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The enicsetvfport function assumes that the nl attribute IFLAPORTPROFILE has a length of PORTPROFILEMAX, and that the nl attributes IFLAPORTINSTANCEUUID and IFLAPORTHOSTUUID have a length of PORTUUIDMAX. These attributes are...

EUVD-2026-30681

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogssbinfinstancesetid in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has been...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993252 advisory. In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribu...

CVE-2023-5982

The UpdraftPlus: WordPress Backup & Migration Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.23.10. This is due to a lack of nonce validation and insufficient validation of the instanceid on the 'updraftmethod-googledrive-auth' acti...

UBUNTU-CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enicsetvfport enicsetvfport assumes that the nl attribute IFLAPORTPROFILE is of length PORTPROFILEMAX and that the nl attributes IFLAPORTINSTANCEUUID, IFLAPORTHOSTUUID are of length...

XWiki licensor application security vulnerability

XWiki licensor application is an extension for XWiki. A security vulnerability exists in XWiki licensor application. An attacker could use this vulnerability to obtain sensitive information, including the instance ID and the name and email of the license owner...

PT-2023-26094 · Powerjob · Powerjob

Name of the Vulnerable Software and Affected Versions: PowerJob version 4.3.3 Description: A remote command execution issue was discovered, allowing exploitation via the instanceId parameter at the "/instance/detail" API endpoint. Recommendations: For PowerJob version 4.3.3, consider restricting...

Qualcomm Chipsets 代码问题漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue that occurs when the API for calling the instance ID differs from the instance ID received in initialization...

PT-2023-18301 · Qualcomm · Snapdragon +40

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves memory corruption in video when calling APIs with a different instance ID than the one received during initialization. Recommendations: At the moment, there is no...

DEBIAN-CVE-2013-6419

Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by 1...