11 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice The ethnlreqgetPhyDev function is used to look up a phyDevice in cases where an ethtool netlink command targets a specific phyDevice within a netDevice’s topology...
CVE-2026-31544
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...
DEBIAN-CVE-2026-31544
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...
CVE-2026-31544
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...
PT-2026-34896
In the Linux kernel, the following vulnerability has been resolved: firmware: arm scmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: arm scmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmi event handler get ops...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
PT-2025-37330
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to lock dependency in xsk notify triggered via register netdevice. Specifically, the issue arises from using register netdevice within notifier...
SUSE CVE-2025-21921
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...
DEBIAN-CVE-2025-21921
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...
CVE-2023-7185
A vulnerability was found in 7-card Fakabao up to 1.0build20230805. It has been classified as critical. This affects an unknown part of the file shop/wxpaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used...
7-card Fakabao SQL Injection Vulnerability
7-card Fakabao is a 7-card open source application. A SQL injection vulnerability exists in 7-card Fakabao version 1.0build20230805 and earlier versions, which stems from a problem with an unknown function in shop/wxpaynotify.php...