kernel: audit: fix out-of-bounds read in audit_compare_dname_path()

An out of bounds read exists in the linux kernel such that when a watch on dir=/ is combined with an fsnotify event for a single-character name directly under root an out-of-bounds read can occur in auditcomparednamepath...

CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...

Synology DiskStation Manager Cross-Site Scripting Vulnerability (CNVD-2019-14277)

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A cross-site scripting vulnerability exists in...

PT-2019-8138 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.4-15217-3 Description: A cross-site scripting XSS issue exists, allowing remote authenticated users to inject arbitrary web script or HTML. This is due to insufficient validation of user...