Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/alpine-msi: The refcount leak in alpinemsixinitdomains has been fixed. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add t...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the put function. An attacker can overwrite or create arbitrary files in the webroot by enticing a user to visit a malicious website, which then issues crafted PUT requests through the victim's browse...

afs: Fix potential null pointer dereference in afs_put_server

...

EUVD-2025-31990

Malicious code in bioql PyPI...

The vulnerability of the dev_put() function in the net/atm/lec.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devput function in the net/atm/lec.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-7115 rowboatlabs rowboat Session route.ts PUT missing authentication

A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/fileId/route.ts of the component Session Handler. The manipulation of the argument...

CVE-2025-7115 rowboatlabs rowboat Session route.ts PUT missing authentication

A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/fileId/route.ts of the component Session Handler. The manipulation of the argument...

PT-2025-28133 · Rowboatlabs · Rowboat

Name of the Vulnerable Software and Affected Versions: rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97 Description: A critical issue has been found, affecting the function PUT of the file apps/rowboat/app/api/uploads/fileId/route.ts in the Session Handler component. The...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from a post-release reuse issue in the keyput function...

Unspecified vulnerability in Linux kernel (CNVD-2024-46399)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an extra call to the rpm put function. No details of the vulnerability are provided at this time...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an extra call to the rpm put function. No details of the vulnerability are provided at this time...

VulnCheck KEV: CVE-2021-34641

The SEOPress WordPress plugin is vulnerable to Stored Cross-Site-Scripting via the processPut function found in the /src/Actions/Api/TitleDescriptionMeta.php file which allows authenticated attackers to inject arbitrary web scripts, in versions 5.0.0 - 5.0.3...

The vulnerability of the memory manager in the Linux operating system’s kernel, backing-dev.c, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s memory manager, specifically the backing-dev.c module, is related to the use of previously freed memory in the functions bdiput and bdiunregister. Exploiting this vulnerability can allow an attacker to cause a service failure...

Prototype Pollution

dotty is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the put function and modify attributes such as proto, constructor, and prototype...

PT-2017-2778 · Postgresql +2 · Postgresql +2

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 9.4.13 PostgreSQL versions prior to 9.5.8 PostgreSQL versions prior to 9.6.4 Description: The issue is caused by a flaw in the authorization procedure, allowing remote authenticated attackers with no privileges on...