1263 matches found
CVE-2025-7888
A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The attack may ...
webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the...
webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer
REJECTED CVE In WebKitGTK through 2.36.0 and WPE WebKit, there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
Exploit for Improper Access Control in Elasticsearch
欢迎各位大佬提BUG,当前版本 AssetScanV1.3 周期 初版:2019年11月28日 V1.0初版编写完成 修改1:2019年12月02日 感谢Shadow·J反馈kali下文件导入异常 修改2:2019年12月03日 V1.1发布,新增ARP存活检测(回滚,测bug) 修改3:2019年12月04日 V1.2发布,修复漏洞脚本异常,修复weblogic脚本 修改4:2019年12月05日 V1.2修改,感谢sevck提供设计思路以及代码不规范问题 修改5:2019年12月05日 V1.2修改,修复IP数据处理异常 修改6:2019年12月19日...
SUSE CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
DEBIAN-CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
UBUNTU-CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
CVE-2025-38141 dm: fix dm_blk_report_zones
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from dm not handling partition table swapping correctly, which could lead to memory corruption...
SUSE CVE-2025-38063
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...
DEBIAN-CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dmsmregisterthresholdcallback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dmpoolregistermetadatathreshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
AZL-72707 CVE-2025-38063 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...
AZL-64031 CVE-2025-38063 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...
DEBIAN-CVE-2025-38063
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...
UBUNTU-CVE-2025-38063
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...
CVE-2025-38063
The CVE-2025-38063 entry concerns a Linux kernel vulnerability in the Linux DM (device-mapper) path where a bio submitted with REQ_PREFLUSH causes an unconditional IO throttle via wbt_wait, throttling the flush_bio that includes REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC. The root cause is throttling...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from dm unconditionally limiting IO throughput at REQPREFLUSH...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: dm-integrity: Avoid divide by zero in table status in Inline mode In Inline mode, the journal is unused, and journalsectors is zero. Calculating the journal watermark requires dividing by journalsectors, which should be done only...
TencentOS Server 3: device-mapper-multipath (TSSA-2023:0147)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0147 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: device-mapper-multipath (TSSA-2022:0281)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0281 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...