Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Added definitions for p?dleaf When I perform the LTP test, the LTP test case ksm06 caused a panic at breakksmpmdentry - pmdleaf Huge page table, but False - ptepresent panic The reason is that pmdleaf is not define...

5.5CVSS5.2AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 10:3 p.m.1 views

GHSA-V897-C6VQ-6CR3 CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via System Settings – Company Information Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Company Information Configuration Fields with Immediate Same-Page Execution Description The application fails t...

4.7CVSS6.2AI score0.00274EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/01 10:3 p.m.5 views

CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via System Settings – Company Information Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Company Information Configuration Fields with Immediate Same-Page Execution Description The application fails t...

9CVSS6.2AI score0.00274EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/01 10:2 p.m.3 views

GHSA-GCFJ-CF7J-VWGJ CI4MS: System Settings (Social Media Management) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via System Settings – Social Media Management Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-site Scripting via Unsanitized Social Media Configuration Fields with Immediate Same-Page Execution Description The application fails to...

9.1CVSS6.2AI score0.00229EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/01 10:2 p.m.9 views

CI4MS: System Settings (Social Media Management) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via System Settings – Social Media Management Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-site Scripting via Unsanitized Social Media Configuration Fields with Immediate Same-Page Execution Description The application fails to...

8.4CVSS6.2AI score0.00229EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/30 4:19 p.m.3 views

GHSA-66M2-V9V9-95C3 ci4-cms-erp/ci4ms: System Settings (Mail Settings) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via System Settings – Mail Settings Same-Page Attribute Breakout & Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Mail Settings Configuration Fields Description The application fails to properly sanitize user-controlled input withi...

9.1CVSS6AI score0.00358EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2025/10/28 11:48 a.m.4 views

CVE-2025-40040

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise syzkaller discovered the following crash: kernel BUG 44.607039 ------------ cut here ------------ 44.607422 kernel BUG at mm/userfaultfd.c:2067! 44.608148 Oops: invalid opcode: 000...

5.5CVSS5.3AI score0.00338EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/17 2:56 p.m.10 views

CVE-2023-53361 LoongArch: mm: Add p?d_leaf() definitions

In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Add p?dleaf definitions When I do LTP test, LTP test case ksm06 caused panic at breakksmpmdentry - pmdleaf Huge page table but False - ptepresent panic The reason is pmdleaf is not defined, So like commit...

0.00172EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from calling khugepaged, ksm in the wrong context...

5.5CVSS6.6AI score0.00204EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/09 12:0 a.m.8 views

The vulnerability of the “Mapping Multiple URLs Redirect Same Page” plugin of the WordPress content management system allows attackers to execute XSS attacks.

The vulnerability of the “Mapping Multiple URLs Redirect” plugin in the WordPress content management system exists due to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

6.4CVSS6.2AI score0.01713EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2022/03/28 12:0 a.m.3 views

WordPress plugin Mapping Multiple URLs Redirect Same Page 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress...

6.1CVSS5.6AI score0.01713EPSS
Exploits2References2
Fedora
Fedora
added 2020/11/05 2:11 a.m.40 views

[SECURITY] Fedora 31 Update: kata-ksm-throttler-1.11.1-1.fc31.1

This project implements a Kernel Same-page Merging throttling daemon. The Kata Containers runtime creates a virtual machine VM to isolate a set of container workloads. The VM requires a guest kernel and a guest operating system "guest OS" to boot and create containers inside the guest environment...

8.8CVSS3.1AI score0.00475EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/11/05 12:0 a.m.24 views

Fedora: Security Advisory for kata-ksm-throttler (FEDORA-2020-15a1bde727)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.00475EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/05/14 8:26 p.m.3 views

kernel: memory leak when merging buffers in SCSI IO vectors

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

6.5CVSS6.8AI score0.00531EPSS
Exploits0References4
Rows per page
Query Builder