147 matches found
CVE-2024-53150 ALSA: usb-audio: Fix out of bounds reads when finding clock sources
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descripto...
CVE-2022-27595 QVPN Device Client
An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windo...
CVE-2024-55663 XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 13.10.5 and 14.3-rc-1, in getdocument.vm; the ordering of the returned documents is defined from an unsanitized request parameter request.sort and can allow any user to inject HQL. Depending on th...
pam:1.5.1 security update
1.5.1-22.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-22 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66245 1.5.1-21 - pamunix: always run the helper to...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2929)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : RDMA/ibsrp: Fix a deadlockCVE-2022-48930 netfilter: fix use-after-free in nfregisternethookCVE-2022-48912 protect the fetch of -fdfd in dodup2 fro...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.336.5.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37138988 5.4.17-2136.336.5 - uek-rpm: Add skxedaccommon.ko to nanomodules Sherry Yang Orabug: 37030127 - EDAC, i10nm: make skxcommon.o a separate module Arnd Bergmann Orabug: 37030127 - uek-rpm:...
WordPress Bit Form plugin <= 2.13.10 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Minh Giang & Christopher Houk Patchstack Alliance in WordPress Plugin Bit Form versions = 2.13.10...
linkedinformed.libsyn.com Cross Site Scripting vulnerability OBB-3922042
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
stichtingkoryo.nl Cross Site Scripting vulnerability OBB-3916806
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-52629 sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...
kdsystem.de Improper Access Control vulnerability OBB-3819184
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nolting-eckhardt.de Improper Access Control vulnerability OBB-3776932
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nancylucina.com Cross Site Scripting vulnerability OBB-3699576
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
rentreplica.se Cross Site Scripting vulnerability OBB-3534393
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
evishine.dk Cross Site Scripting vulnerability OBB-3515910
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
test-hi.hawk.de Cross Site Scripting vulnerability OBB-3451353
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
webutations.org Cross Site Scripting vulnerability OBB-3346092
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ufvinternational.com Cross Site Scripting vulnerability OBB-3335519
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2025-26019 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc3-00004-g0e862838f290 Description: A vulnerability in the Linux kernel has been resolved, which could lead to invalid memory access via node onlineNUMA NO NODE. The issue occurs when pxm to node returns...
wiki.merionet.ru Cross Site Scripting vulnerability OBB-3222955
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...