PT-2025-24540 · Unknown · Vigybag Open Source Online Shop

Name of the Vulnerable Software and Affected Versions: VigyBag Open Source Online Shop affected versions not specified Description: A Host Header injection issue in the password reset function allows attackers to redirect victim users to a malicious site via a crafted URL. Recommendations: At the...

CVE-2024-22646

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system...

CVE-2024-4280

The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...

CVE-2024-29417

Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function...

CVE-2020-36498

Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting XSS vulnerability in the account reset function, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the e-mail input field...

CVE-2018-20999

An issue was discovered in the orion crate before 0.11.2 for Rust. reset calls cause incorrect results...

kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that dev-hardheaderlen is zero, and we attempt later to push an Ethernet header. U...

bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock

...

SUSE CVE-2025-21951

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

CVE-2025-21951

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

DEBIAN-CVE-2025-21951

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

AZL-59916 CVE-2025-21951 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

UBUNTU-CVE-2025-21951

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

CVE-2025-21951

Technical details about CVE-2025-21951 are not provided in the supplied documents. Monitor official advisories for updates on affected products, impact, and fixes.

CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock There are multiple places from where the recovery work gets scheduled asynchronously. Also, there are multiple places where the caller waits synchronously for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock that may result from the use of pciresetfunction by the mhi host driver...

CVE-2022-49186

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconticlkregistergates This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if clksi.rsid = 0 condition was always true. Th...

PT-2024-39258 · WordPress · Ba Book Everything

Name of the Vulnerable Software and Affected Versions: BA Book Everything plugin for WordPress versions up to, and including, 1.6.20 Description: The issue allows unauthenticated attackers to reset any user's passwords, including administrators, due to the reset user password function not verifyi...

kernel: ice: fix LAG and VF lock dependency in ice_reset_vf()

CVE-2024-36003 pertains to a deadlock vulnerability in the Linux kernel's ICE driver, which manages Intel Ethernet controllers. The issue arises from improper lock acquisition order between the Link Aggregation LAG mutex and the Virtual Function VF configuration lock within the iceresetvf functio...