UBUNTU-CVE-2025-39722

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...

CVE-2024-52319

In the Linux kernel, the following vulnerability has been resolved: mm: use aligned address in cleargiganticpage In current kernel, hugetlbnopage calls foliozerouser with the fault address. Where the fault address may be not aligned with the huge page size. Then, foliozerouser may call...

UBUNTU-CVE-2024-52319

In the Linux kernel, the following vulnerability has been resolved: mm: use aligned address in cleargiganticpage In current kernel, hugetlbnopage calls foliozerouser with the fault address. Where the fault address may be not aligned with the huge page size. Then, foliozerouser may call...

CVE-2023-26131

All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possibl...

PT-2023-20510 · Unknown · Github.Com/Xyproto/Algernon/Themes +1

Name of the Vulnerable Software and Affected Versions: github.com/xyproto/algernon/engine affected versions not specified github.com/xyproto/algernon/themes affected versions not specified Description: The issue is related to Cross-site Scripting XSS due to improper user input sanitization in the...

kernel: race condition in hugetlb_no_page() in mm/hugetlb.c

A vulnerability was found in hugetlbnopage in the mm/hugetlb.c file in the Linux Kernel, where a manipulation leads to a race condition. This flaw may allow a local attacker to cause a denial of service and can lead to a kernel information leak issue...

kernel: race condition in hugetlb_no_page() in mm/hugetlb.c

A vulnerability was found in hugetlbnopage in the mm/hugetlb.c file in the Linux Kernel, where a manipulation leads to a race condition. This flaw may allow a local attacker to cause a denial of service and can lead to a kernel information leak issue...

SUSE CVE-2021-42373

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. PoC bash go install...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the themes.NoPagefilename, theme function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found. PoC bash go install...

PT-2021-23603 · Busybox +3 · Busybox +3

Name of the Vulnerable Software and Affected Versions: Busybox affected versions not specified Description: A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given. Recommendations: At the moment, there is no...