PT-2025-40165

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue exists in the cx23885 driver within the Linux kernel, specifically in the buffer prepare and buffer finish functions. The issue occurs when dma alloc...

MAL-2025-13279 Malicious code in @zalastax/nolb-prep (npm)

The package @zalastax/nolb-prep was found to contain malicious code...

Malicious code in @zalastax/nolb-prep (npm)

The package @zalastax/nolb-prep was found to contain malicious code...

PT-2025-18573 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc3-syzkaller-00175-g1118b2049d77 Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the napi schedule prep function, which must be called to ensure ownership of a...

DEBIAN-CVE-2023-52968

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...

Linux Distros Unpatched Vulnerability : CVE-2023-52787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for biointegrityprep blkintegrityunregister can...

The vulnerability of the block component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the block component in the Linux operating system’s kernel is related to the lack of memory release after the effective service life in the biointegrityprep function. Exploiting this vulnerability can allow a hacker to cause a service failure...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by biointegrityprep uses plain kmalloc, which leads to random kernel memory being written. Protection Information PI metadata is limited to the app tag not used by...

SUSE CVE-2022-48865

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...

SUSE CVE-2023-52787

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for biointegrityprep blkintegrityunregister can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling...

DEBIAN-CVE-2023-52787

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for biointegrityprep blkintegrityunregister can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling...

doralacademyprep.org Cross Site Scripting vulnerability OBB-3918381

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ontarioprep.ca Cross Site Scripting vulnerability OBB-3914062

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

btgcollegeprep.org Cross Site Scripting vulnerability OBB-3903942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2024-26689

In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encodecapmsg In fs/ceph/caps.c, in encodecapmsg, "use after free" error was caught by KASAN at this line - 'cephbuffergetarg-xattrbuf;'. This implies before the refcount could be increment here, it...

CVE-2024-2954

The Action Network plugin for WordPress is vulnerable to SQL Injection via the 'bulk-action' parameter in version 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, wit...

doralacademyprep.org Cross Site Scripting vulnerability OBB-3875962

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The vulnerability of the `io_provide_buffers_prep()` function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the ioprovidebuffersprep function in the Linux operating system arises due to an overflow in the stack buffer. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of data...