CVE-2022-28930

ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml...

Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing /...

kernel: dm rq: don't queue request to blk-mq during DM suspend

In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updating nrrequests or...

kernel: dm: fix mempool NULL pointer race when completing IO

In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...

kernel: dm: fix mempool NULL pointer race when completing IO

In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...

qt: out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke

A vulnerability was found in Qt, where an out-of-bounds write in the QOutlineMapper::convertPath function can lead to a denial of service, a remote attacker could exploit this flaw by sending a specially crafted request, causing the application to crash...

device-mapper-multipath bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

device-mapper-persistent-data bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

device-mapper-persistent-data bug fix and enhancement update

An update is available for device-mapper-persistent-data. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, se...

CVE-2022-30293

In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...

UBUNTU-CVE-2022-30293

In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...

CVE-2022-30293

In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...

PT-2022-3506 · Apple +7 · Webkitgtk +8

Name of the Vulnerable Software and Affected Versions: WebKitGTK versions through 2.36.0 WPE WebKit versions through 2.36.0 Description: The issue is related to a heap-based buffer overflow in the WebCore::TextureMapperLayer::setContentsLayer function, located in...

cc.siyecao.mapper:clover-mapper (>=3.0.2 <=3.0.3), cc.siyecao.mapper:clover-mapper-dynamic (=3.0.2) +1209 more potentially affected by CVE-2022-28111 +1 more via com.github.pagehelper:pagehelper (>=3.6.4 <=5.3.0)

com.github.pagehelper:pagehelper MAVEN version =3.6.4, =3.0.2, =3.0.2, =3.0.2, =3.0.2, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.0.0, =0.0.1, =1.0.1, =1.2.0.RELEASE, =1.6.0.RELEASE and more Source cves: CVE-2022-28111, CVE-2022-42227 Source advisory: OSV:GHSA-W559-623P-VFG8...

ALBA-2022:1548 device-mapper-multipath bug fix and enhancement update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Bug Fixes and Enhancements: multipathd.socket is missing start conditions BZ2054877...

device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The device-mapper-multipath packages provide tools that use t...

device-mapper-multipath bug fix and enhancement update

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Bug Fixes and Enhancements: multipathd.socket is missing start conditions BZ2054877...

CVE-2021-40644

An SQL Injection vulnerability exists in oasys oasystem as of 9/7/2021 in resources/mappers/notice-mapper.xml...

CVE-2021-40644

An SQL Injection vulnerability exists in oasys oasystem as of 9/7/2021 in resources/mappers/notice-mapper.xml...