CVE-2025-38430 nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure...

CVE-2024-50585

CVE-2024-50585 affects the Numerix License Server (Numerix, Inc.). Users who click a malicious link or visit an attacker-controlled site can have arbitrary JavaScript executed in the context of the Numerix License Server Administration System Login (nlslogin.jsp) page. The vulnerability can be tr...

CVE-2024-50585 Reflected Cross-Site Scripting

Users who click on a malicious link or visit a website under the control of an attacker can be infected with arbitrary JavaScript which is running in the context of the "Numerix License Server Administration System Login" nlslogin.jsp page. The vulnerability can be triggered by sending a speciall...

CVE-2024-50585 Reflected Cross-Site Scripting

Users who click on a malicious link or visit a website under the control of an attacker can be infected with arbitrary JavaScript which is running in the context of the "Numerix License Server Administration System Login" nlslogin.jsp page. The vulnerability can be triggered by sending a speciall...