29 matches found
SUSE CVE-2026-52923
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
CVE-2026-52923
A flaw was found in the Linux kernel. The ipcidralloc function, used in the checkpoint/restore path for SysV Inter-Process Communication IPC ID allocation, does not properly limit ID allocation to the valid range. This can result in the system attempting to dereference freed memory, leading to a...
UBUNTU-CVE-2026-52923
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
CVE-2026-52923 ipc: limit next_id allocation to the valid ID range
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
PT-2026-51716
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the checkpoint/restore sysctl path where the ipc idr alloc function forwards requests to idr alloc with an open-ended upper bound. When the valid SysV IPC id space is...
Server-side Request Forgery (SSRF)
Overview weblate is an A web-based continuous localization system with tight version control integration Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the ProjectBackup restore path in the backup import code. An attacker can supply a crafted project...
SUSE CVE-2026-31644
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...
CVE-2026-31644
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...
CVE-2026-31644 net: lan966x: fix use-after-free and leak in lan966x_fdma_reload()
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...
CVE-2026-31644 net: lan966x: fix use-after-free and leak in lan966x_fdma_reload()
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...
EUVD-2026-25537
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...
CVE-2026-31644
CVE-2026-31644 affects the Linux kernel LAN966X network driver. The issue arises in lan966x_fdma_reload() when allocation of new RX buffers fails, causing the restore path to restart DMA with old descriptors whose pages were already freed, and because page_pool_put_full_page() can release pages b...
PT-2026-34996
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966x fdma reload When lan966x fdma reload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966x fdma rx fr...
CVE-2026-2956
A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be...
CVE-2026-2956
CVE-2026-2956 affects qinming99 dst-admin up to 1.5.0. The issue is a command injection in the revertBackup function located in /home/restore, triggered by manipulating the Name argument. It supports remote attacker access and has publicly available exploit code. Public advisories indicate versio...
PT-2026-21467
Name of the Vulnerable Software and Affected Versions qinming99 dst-admin versions up to 1.5.0 Description A security flaw exists in qinming99 dst-admin up to version 1.5.0. The issue is related to command injection in the revertBackup function located in the /home/restore file. The Name argument...
CVE-2025-69875
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be...
Quick Heal Total Security 安全漏洞
Quick Heal Total Security is a antivirus software developed by the Indian company Quick Heal. Version 23.0.0 of Quick Heal Total Security contains a security vulnerability. This vulnerability stems from insufficient validation of restore paths and improper handling of permissions in the isolation...
PT-2026-5977
Name of the Vulnerable Software and Affected Versions Quick Heal Total Security version 23.0.0 Description A flaw exists in the quarantine management component of the software where inadequate validation of restore paths and incorrect permission handling permit a low-privilege local user to resto...
EUVD-2025-206708
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be...