10 matches found
SUSE CVE-2026-43095
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...
CVE-2026-43095
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...
CVE-2026-43095
In CVE-2026-43095, the Linux kernel ASoC SDCA subsystem fixes an IRQ cleanup flaw. IRQs are currently enabled via sdca_irq_populate() from component probe using devm_request_threaded_irq(), which can cause IRQs to persist after a sound card teardown. Some IRQ handlers hold references to the card ...
CVE-2026-33481
Syft is a a CLI tool and Go library for generating a Software Bill of Materials SBOM from container images and filesystems. Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a scan. When scanning archives Syft will unpack those...
CVE-2026-33481
Syft is a a CLI tool and Go library for generating a Software Bill of Materials SBOM from container images and filesystems. Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a scan. When scanning archives Syft will unpack those...
GHSA-J4VR-PCMW-HX59 Rancher user retains access to clusters despite Global Role removal
Impact A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that: - Have a on in rule for resources - Hav...
CVE-2023-26430
Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject rules which would break per-user filter processing, requiring manual cleanup of such rules. We...
PT-2022-18281 · Jenkins · Jenkins Parameterized Trigger Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Parameterized Trigger Plugin versions 2.43 and earlier Description: The issue concerns the capture and storage of environment variables, including password parameter values, in build.xml files by the Jenkins Parameterized Trigger...
Moodle Teacher Enrollment Privilege Escalation to RCE
Moodle version 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12 and earlier unsupported versions allow for a teacher to exploit chain to RCE. A bug in the privileges system allows a teacher to add themselves as a manager to their own class. They can then add any other users, and thus look to add...
Metasploit 4.4 - pcap_log Plugin Privilege Escalation (Metasploit)
Metasploit 4.4 - pcaplog Plugin Privilege Escalation Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...