15 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The socket is closed after it has been accepted, even when the per-IP limit is exceeded and a connection attempt fails. When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret to -EAGAIN and...
PT-2026-48689
Impact AsyncListener.handle query or defer retained every truncated TC-bit incoming query in self. deferredaddr and armed a per-addr timer in self. timersaddr that flushed the reassembled query within 500 ms RFC 6762 §18.5. Neither the per-addr list nor the number of distinct addr keys was capped...
CVE-2025-64526 Strapi has a rate limit bypass on users-permissions plugin via attacker-controlled email keying
Strapi is an open source headless content management system. In Strapi versions prior to 5.45.0, the rate-limit middleware in the users-permissions plugin derived its rate-limit key in part from ctx.request.body.email, including on routes whose body schema does not contain an email field...
EUVD-2025-203650
In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...
CVE-2025-68246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...
CVE-2025-68246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...
CVE-2025-68246
Technical details for CVE-2025-68246 are not publicly provided in the connected documents. Monitor for updates.
CVE-2025-68246 ksmbd: close accepted socket when per-IP limit rejects connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...
Linux Distros Unpatched Vulnerability : CVE-2025-68246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN an...
Employee Profile Management System /view_personnel.php File Cross-Site Scripting Vulnerability
Employee Profile Management System is an employee profile management system. Employee Profile Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter peraddress/drschool/otherschool in...
EUVD-2025-201605
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
CVE-2025-14194
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
CVE-2025-14194 code-projects Employee Profile Management System view_personnel.php cross site scripting
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
Debian dla-4280 : libunbound-dev - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4280 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4280-1 [email protected]...