54705 matches found
CVE-2025-70062
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery CSRF vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts privileged users ...
Emacs Extension Persistence
This module adds a lisp based malicious extension to the emacs configuration file. When emacs is opened, the extension will be loaded and the payload will be executed. Tested against emacs 29.3 build 1 on Ubuntu Desktop 24.04. Module Options msf use exploit/linux/persistence/emacsextension msf...
CLSA-2026-1771432562 Fix CVE(s): CVE-2025-15366
SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366...
CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
UBUNTU-CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
UBUNTU-CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71235
CVE-2025-71235 : Linux kernel, scsi: qla2xxx driver. The issue arises when a module unload is issued while a fabric scan is in progress, causing a crash due to freeing memory in interrupt context (dma_free_attrs) after the UNLOADING flag is set and a scheduled work item cannot be allocated. Root ...
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
CVE-2025-71232 scsi: qla2xxx: Free sp in error path to fix system crash
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
CVE-2025-71232 scsi: qla2xxx: Free sp in error path to fix system crash
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2025-71227
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear to me how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel between scanning channel...
CVE-2025-8303
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EKA Software Computer Information Advertising Services Ltd. Real Estate Script V5 With Doping Module – Store Module – New Language System allows Cross-Site Scripting XSS.This issue affects...