CVE-2025-48444 Quick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-064

Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0...

CVE-2025-48444

Drupal Quick Node Block contains a Missing Authorization vulnerability that allows forceful browsing. Affected: versions 0.0.0 through 1.9.9; fixed in 2.0.0+. Impact: unauthorized access (information disclosure via listing node labels) as described in SA-CONTRIB-2025-064. CVSS v3.1 base score 5.3...

Drupal Quick Node Block 安全漏洞

Drupal Quick Node Block is a Drupal plugin for the Drupal community. A security vulnerability exists in Drupal Quick Node Block versions prior to 2.0.0, which stems from a lack of authorization and could lead to forced browsing...

Drupal Quick Node Block 安全漏洞

Drupal Quick Node Block is a Drupal plugin for the Drupal community. A security vulnerability exists in Drupal Quick Node Block versions prior to 2.0.0, which stems from a lack of authorization and could lead to forced browsing...

PT-2025-25218 · Drupal · Drupal Quick Node Block

Name of the Vulnerable Software and Affected Versions: Drupal Quick Node Block versions 0.0.0 through 1.9.9 Description: The issue is related to a Missing Authorization vulnerability in Drupal Quick Node Block, which allows Forceful Browsing. Recommendations: For versions 0.0.0 through 1.9.9,...

PT-2025-25219 · Drupal · Drupal Quick Node Block

Name of the Vulnerable Software and Affected Versions: Drupal Quick Node Block versions 0.0.0 through 1.9.9 Description: The issue is related to a Missing Authorization vulnerability in Drupal Quick Node Block, which allows Forceful Browsing. Recommendations: For versions 0.0.0 through 1.9.9,...

DRUPAL-CONTRIB-2025-065

This module provides a block to easily display a rendered node. Access to the rendered node isn't validated before rendering the block. Allowing access to node content for users that would normally not be allowed to access the node...

Drupal Quick Node Block module < 2.0.0 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Mitch Portier arkener in WordPress Module Quick Node Block versions 2.0.0...

Drupal Quick Node Block module < 2.0.0 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Mitch Portier arkener in WordPress Module Quick Node Block versions 2.0.0...

f2fs: fix to do sanity check on node blkaddr in truncate_node()

...

SUSE CVE-2024-56692

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncatenode syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2534! RIP: 0010:f2fsinvalidateblocks+0x35f/0x370...

CVE-2024-56692 f2fs: fix to do sanity check on node blkaddr in truncate_node()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncatenode syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2534! RIP: 0010:f2fsinvalidateblocks+0x35f/0x370...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient integrity checking of node block addresses in the truncatenode function in the f2fs module...

CVE-2024-54129 Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7

The NASA’s Interplanetary Overlay Network ION is an implementation of Delay/Disruption Tolerant Networking DTN. A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part SSP...

CVE-2024-54129

The CVE-2024-54129 entry concerns NASA’s Interplanetary Overlay Network (ION) - DTN BPv7, version 4.1.3. The flaw occurs when receiving a bundle with an improper reference to the imc scheme that contains a valid Service-Specific Part (SSP) in the Previous Node Block, which can cause ION to become...

CVE-2024-54129 Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7

The NASA’s Interplanetary Overlay Network ION is an implementation of Delay/Disruption Tolerant Networking DTN. A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part SSP...

GSD-2021-1002548 f2fs: set SBI_NEED_FSCK flag when inconsistent node block found

f2fs: set SBINEEDFSCK flag when inconsistent node block found This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.6 by commit...

GSD-2021-1002439 f2fs: set SBI_NEED_FSCK flag when inconsistent node block found

f2fs: set SBINEEDFSCK flag when inconsistent node block found This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.163 by commit...

SA-CONTRIB-2010-004 - Node block - Cross site scripting

This module allows you to specify content types as being a block. This allows the content managers of the site to edit the block text and title without having to access the block administration page. Users only need edit access to that node in order to edit it. Users with administer block access...