6 matches found
CVE-2026-24476
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...
UBUNTU-CVE-2022-50675
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags cleared or restored Prior to commit 69e3b846d8a7 "arm64: mte: Sync tags for pages where PTE is untagged", mtesynctags was only called for ptetagged entries those mapped with PROTMT...
CVE-2022-50675 arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags cleared or restored Prior to commit 69e3b846d8a7 "arm64: mte: Sync tags for pages where PTE is untagged", mtesynctags was only called for ptetagged entries those mapped with PROTMT...
PT-2024-32203
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.9 Description The issue arises when PG hwpoison pages are freed and treated differently in free pages prepare, leading to isolation instead of release. Page allocation tag counters are decremented, consideri...
Xpdf 安全漏洞
Glyph & Cog Xpdf is an open source PDF archive viewer from Glyph & Cog. A security vulnerability exists in Xpdf 4.04 and earlier versions, which stems from a loop of PDF objects in the page tag tree that can lead to infinite recursion and a stack overflow...
GSD-2022-1000617 mm, kasan: use compare-exchange operation to set KASAN page tag
mm, kasan: use compare-exchange operation to set KASAN page tag This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.5 by commit...