EUVD-2023-60063
In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btracker_destroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...
SUSE CVE-2023-53545
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lockdep will complain. v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp christian 14616.936827...
CVE-2023-53545
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lockdep will complain. v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp christian 14616.936827...
CVE-2023-53545
Summary: CVE-2023-53545 is a Linux kernel AMDGPU VM management issue. The root cause was improper handling of VM bo_va unmapping/removal: the Root PD BO was not reserved before unmapping/removing a bo_va from the VM, which could trigger a lockdep warning. The patch adds a guard by ensuring fpriv-...
CVE-2023-53545 drm/amdgpu: unmap and remove csa_va properly
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lockdep will complain. v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp christian 14616.936827...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly preserving the root PD BO, which could lead to a null pointer dereference...
EUVD-2025-15880
Malicious code in bioql PyPI...
CVE-2025-47854
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity lies in the redirection of URLs to an unreliable website, allowing attackers to redirect users to arbitrary URL addresses.
The vulnerability of the Continuous Integration and Deployment application delivery system CI/CD of TeamCity in JetBrains is related to the redirection of URLs to an unreliable website during the editing of the VCS root page. Exploiting this vulnerability could allow a malicious actor to redirect...
CVE-2025-47854
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page...
CVE-2025-47854
JetBrains TeamCity has a CVE-2025-47854 open redirect vulnerability in versions prior to 2025.03.2, triggered when editing the VCS Root page due to improper handling of the destination jump (input validation issue). Affected product: JetBrains TeamCity (CI/CD server). Impact is open redirect; exp...
JetBrains TeamCity input validation error vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from an input validatio...
CVE-2024-45612 Insert tag injection via canonical URL in Contao
Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page front end. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root...
GHSA-2XPQ-XP6C-5MGJ Contao affected by insert tag injection via canonical URL
Impact: It is possible to inject insert tags in canonical URLs which will be replaced when the page is rendered. Patches: Update to Contao 4.13.49, 5.3.15 or 5.4.3. Workarounds: Disable canonical tags in the settings of the website root page. References...
kernel: drm/amdgpu: unmap and remove csa_va properly
A locking violation was found in the Linux kernel's AMD GPU driver in the context save area cleanup path. A local user can trigger this issue when closing GPU contexts, causing the driver to unmap and remove virtual memory mappings without first reserving the root page directory buffer object. Th...
PT-2025-40687
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue was identified in the Linux kernel related to the handling of memory management within the DRM/amdgpu subsystem. Specifically, the vulnerability concerns the improper unmapping...
ALPINE-CVE-2023-34322
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
DEBIAN-CVE-2023-34322
For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...
WordPress Plugin Post-Duplicator Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Plugin Post-Duplicator Plugin 2.23 is vulnerable to a cross-site scripting vulnerability, which stems from an XSS payload given in t...
CVE-2021-33852
A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "Duplicate Title" text box executes whenever the user opens the Settings Page of the Post Duplicator Plugin or th...