24 matches found
PT-2025-52891
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists in the Linux kernel’s BPF (Berkeley Packet Filter) implementation related to exclusive maps. Specifically, when excl prog hash is zero and excl prog hash size is...
EUVD-2021-16330
Malware in sbrugna...
eap-7: heap exhaustion via deserialization
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...
CVE-2024-50017
In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...
DEBIAN-CVE-2024-50017
In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...
MapPress < 2.88.17 - Contributor+ Stored XSS via Map Settings
Description: The plugin is vulnerable to Stored Cross-Site Scripting via the width and height parameters, allowing users with contributor access and above to perform Stored XSS attacks. - Go to Plugin’s page /wp-admin/admin.php?page=mappressmaps - Add New Map and search any location you want. - Add XSS...
Exploit for Authorization Bypass Through User-Controlled Key in Zabbix
CVE-2019-17382 - Zabbix Authentication Bypass A critical vuln...
SUSE CVE-2018-17233
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack...
SUSE CVE-2021-29648
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt in map_create in...
CVE-2021-29856
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated user to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685...
Code injection
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated user to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685...
CVE-2021-29856
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated user to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685...
CVE-2021-29856
Summary: CVE-2021-29856 affects IBM Tivoli Netcool/OMNIbus_GUI 8.1.x (8.1.0). An authenticated user can cause a denial of service via the WebGUI Map Creation page. Impact: availability HIGH (CVSS v3.1 base score 6.5; network, low attack complexity, low privileges required, no user interaction). R...
IBM Tivoli Netcool/OMNIbus_GUI Security Vulnerability
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI are both products of IBM Corporation, U.S.A. IBM Jazz for Service Management is an integrated service management product that provides visibility into the service management environment. IBM Tivoli Netcool/OMNIbus_GUI is a graphical...
CVE-2021-29648
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt in map_create in...
AZL-6551 CVE-2021-29648 affecting package kernel for versions less than 5.10.78.1-1
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt in map_create in...
UBUNTU-CVE-2021-29648
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt in map_create in...
DEBIAN-CVE-2019-17382
An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements...
DEBIAN-CVE-2018-17233
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack...
Paessler PRTG Network Monitor Elevation of Privilege Vulnerability
PRTG Network Monitor is an uptime and bandwidth monitoring software that supports various sensor types. An elevation of privilege vulnerability exists in Paessler PRTG Network Monitor 17.3.33.2830. A read-only user can create a Map by forging a request and sending it to the server...