CVE-2022-49674

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...

UBUNTU-CVE-2022-49674

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...

CVE-2022-49674

The CVE-2022-49674 issue is a Linux kernel vulnerability in dm-raid where an array (rs->devs) could be accessed beyond its end when the raid_disks-derived count differed from metadata-driven counts during RAID layout changes. The root cause is using rs->raid_disks for iteration instead of t...

CVE-2022-49674 dm raid: fix accesses beyond end of raid member array

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...

CVE-2022-49674 dm raid: fix accesses beyond end of raid member array

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...

CVE-2022-49316

CVE-2022-49316 affects the Linux kernel’s NFSv4 layout management. The issue arises when performing layoutget as part of an open() compound: locks for the layoutget are held across multiple RPC calls, which can trigger recalls and deadlock. The connected advisories (EulerOS/Unity/Nessus OSS) conf...

Using Valgrind on Chrome

Brief script that demonstrates running valgrind and afl-fuzz on Google Chrome. This favorite code for security auditing and memory leak detection with Valgrind runs the Valgrind tool and several other tools to check for memory leaks, which can lead to resource buffer overflows and more. Exploit /...

Malicious code in tenable-universal-layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a06fb3037f4c830e070f05524b0e4d6e3cb5adec2e77bc06f20ee92a42742689 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1380 Malicious code in tenable-universal-layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a06fb3037f4c830e070f05524b0e4d6e3cb5adec2e77bc06f20ee92a42742689 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-21124

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

Astra Linux – Vulnerability in hdf5

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service through a crafted HDF5 file. This issue was triggered during the repacking of an HDF5 file, also known as “Invalid write of size 2.”...

CVE-2025-22701

Server-Side Request Forgery SSRF vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through 1.4...

CVE-2022-24822

Podium is a library for building micro frontends. @podium/layout is a module for building a Podium layout server, and @podium/proxy is a module for proxying HTTP requests from a layout server to a podlet server. In @podium/layout prior to version 4.6.110 and @podium/proxy prior to version 4.2.74,...

CVE-2020-26295

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 an...

Malicious code in effect-layout-function (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-1216 Malicious code in effect-layout-function (npm)

The package communicates with a domain associated with malicious activity...

CVE-2025-22701

Server-Side Request Forgery SSRF vulnerability in shinetheme Traveler Layout Essential For Elementor traveler-layout-essential-for-elementor.This issue affects Traveler Layout Essential For Elementor: from n/a through 1.4...

CVE-2025-22701 WordPress Traveler Layout Essential For Elementor plugin <= 1.0.8 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in NotFound Traveler Layout Essential For Elementor. This issue affects Traveler Layout Essential For Elementor: from n/a through 1.0.8...

WordPress plugin Traveler Layout Essential For Elementor 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

WordPress Traveler Layout Essential For Elementor plugin < 1.4 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Traveler Layout Essential For Elementor versions 1.4...