Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37956)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37956 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string...

Linux Distros Unpatched Vulnerability : CVE-2025-37956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the err...

DEBIAN-CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

UBUNTU-CVE-2025-37956

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...

PT-2025-22217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified where a client can send an empty newname string to the ksmbd server, causing a kernel oops from d alloc. This issue occurs when...

CVE-2022-35537

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac5g and Newname, which leads to command injection in page /wifimesh.shtml...

Command injection

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac5g and Newname, which leads to command injection in page /wifimesh.shtml...

OpenEMR 跨站脚本漏洞

OpenEMR is an open source healthcare management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. cross-site scripting vulnerabilities exist in versions of OpenEMR prior to...

TerraMaster TOS System Command Injection Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php file in...

CVE-2018-13418

System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter...

Command injection

System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter...

Dell SonicWALL Global Management System Cross-Site Scripting Vulnerability

The Dell SonicWall Global Management System GMS is a global management system from Dell, USA. The system enables rapid deployment and centralized management of Dell SonicWALL firewall, anti-spam, backup and recovery, and secure remote access solutions. A cross-site scripting vulnerability exists ...

CVE-2018-5691

SonicWall Global Management System GMS 8.1 has XSS via the newName and Name values of the /sgms/TreeControl module...

Sql injection

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

DEBIAN-CVE-2006-6942

Multiple cross-site scripting XSS vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via 1 a comment for a table name, as exploited through a dboperations.php, 2 the db parameter to b dbcreate.php, 3 the newname parameter to dboperations.php...