27 matches found
CVE-2026-41635
Apache MINA's AbstractIoBuffer.resolveClass contains two branches, one of them for static classes or primitive types does not check the class at all, bypassing the classname allowlist and allowing arbitrary code to be executed. The fix checks if the class is present in the accepted class...
PT-2026-35373
Name of the Vulnerable Software and Affected Versions Apache MINA versions 2.0.0 through 2.0.27 Apache MINA versions 2.1.0 through 2.1.10 Apache MINA versions 2.2.0 through 2.2.5 Description A flaw in the resolveClass function of AbstractIoBuffer allows a bypass of the classname allowlist for...
CVE-2023-54041 io_uring: fix memory leak when removing provided buffers
In the Linux kernel, the following vulnerability has been resolved: iouring: fix memory leak when removing provided buffers When removing provided buffers, iobuffer structs are not being disposed of, leading to a memory leak. They can't be freed individually, because they are allocated in...
EUVD-2019-2306
Malware in sbrugna...
CVE-2025-38695
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfcvport structure If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resultant cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before sli4hba.hdwqs are...
CVE-2025-36903
In lwisiobufferwrite, there is a possible OOB read/write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2014-8181
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SGIO buffer, which may leaking sensitive information to userspace...