EUVD-2021-34800

Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in...

CVE-2021-47939

Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in...

CVE-2021-47939

Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in...

EUVD-2023-60366

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix pollinterval handling and races on remove Before this patch bq27xxxbatteryteardown was setting pollinterval = 0 to avoid bq27xxxbatteryupdate requeuing the delayedwork item. There are 2 problems with...

CVE-2023-54079

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix pollinterval handling and races on remove Before this patch bq27xxxbatteryteardown was setting pollinterval = 0 to avoid bq27xxxbatteryupdate requeuing the delayedwork item. There are 2 problems with...

EUVD-2005-1511

Malware in sbrugna...

EUVD-2017-15153

Malware in sbrugna...

EUVD-2023-47932

Malicious code in bioql PyPI...

CVE-2025-39909 mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: avoid divide-by-zero in damonlrusortapplyparameters Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's RECLAIM and LRUSORT modules perform no validation on...

ALSA-2024:5101 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure...

CVE-2024-37356

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...

CVE-2024-37356 tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...

PT-2024-13099 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to memory corruption that occurs when querying module parameters from the Listen Sound model client in the kernel from user space. This can potentially lead to...

CVE-2023-41300

Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart...

Pi-Star DV Dashboard 安全漏洞

Pi-Star DV Dashboard is an application based on Hans-J. Barthen DL5DI and Kim Huebel DG9VH by the individual developer Andy Taylor. A security vulnerability exists in versions of Pi-Star DV Dashboard prior to 5aa194d, which stems from its incorrect handling of module parameters...

EyesOfNetwork SQL Injection Vulnerability

EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides features such as a business process configuration tool, generating pop-up windows when events occur in the active queue, and more. Multiple SQL injection vulnerabilities exist in EyesOfNetwork aka EON 5.0 and...

kernel: block: passing disk names as format strings

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

UBUNTU-CVE-2013-2851

Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/mdmod/parameters/newarray in order to create a crafted /dev/md device nam...

Unbreakable Enterprise kernel security and bug fix update

2.6.32-300.37.1. - sfc: Replace some literal constants with EFXPAGESIZE/EFXBUFSIZE Ben Hutchings Orabug: 14769994 - CVE-2012-3412 sfc: Fix maximum number of TSO segments and minimum TX queue size Ben Hutchings Orabug: 14769994 CVE-2012-3412 2.6.32-300.36.1. - dl2k: Clean up rioioctl Stephan Muell...

CVE-2006-1416

CVE-2006-1416 describes a cross-site scripting (XSS) vulnerability in the afmsearch.aspx page of Absolute FAQ Manager for .NET 4.0 and earlier. The issue arises from unsanitized input in the search module parameters (possibly the question parameter), enabling a remote attacker to inject arbitrary...