DEBIAN-CVE-2022-49936

In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking detected 5.18.0 3 Not...

UBUNTU-CVE-2022-50224

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...

UBUNTU-CVE-2022-49936

In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking detected 5.18.0 3 Not...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the USB kernel not preventing nested device reset calls, which could lead to a recursive locking violation...

A Nested Watermark for Large Language Models

The rapid advancement of large language models LLMs has raised concerns regarding their potential misuse, particularly in generating fake news and misinformation. To address these risks, watermarking techniques for autoregressive language models have emerged as a promising means for detecting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the KVM x86 mmu not treating NX as an NPT valid bit, which could result in a reserved bit set warning...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

Astra Linux – Vulnerability in libxslt

In numbers.c in libxslt before version 1.1.43, there is a use-after-free issue. This occurs because, in nested XPath evaluations, an XPath context node can be modified but cannot be restored. This issue is related to the functions xsltNumberFormatGetValue, xsltEvalXPathPredicate,...

Astra Linux – Vulnerability in protobuf

Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups/series of SGROUP tags can be corrupted due to exceeding the stack limit, i.e., StackOverflow. Parsing nested groups as unknown fields using the DiscardUnknownFieldsParser or the Java Protobuf...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Misc: Microchip: PCI1xxxx – Resolve kernel panic during GPIO IRQ handling This issue resolves the kernel panic caused by improper handling of IRQs when accessing GPIO values. This is achieved by replacing the generichandleirq...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pcilockrescanremove, then...

Astra Linux – Vulnerability in Thunderbird

Thunderbird’s handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By creating a nested email attachment message/rfc822 and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened,...

Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2025-1621)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : libxslt (EulerOS-SA-2025-1600)

According to the versions of the libxslt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never...

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

BIT-MARIADB-MIN-2021-46662

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

CVE-2025-49442

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mostafa Shahiri Simple Nested Menu simple-nested-menu allows Stored XSS.This issue affects Simple Nested Menu: from n/a through = 1.0...

CVE-2025-49442

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mostafa Shahiri Simple Nested Menu simple-nested-menu allows Stored XSS.This issue affects Simple Nested Menu: from n/a through = 1.0...

CVE-2025-49442

CVE-2025-49442 is a Stored XSS in the Simple Nested Menu WordPress plugin (affected: Simple Nested Menu