[SECURITY] [DLA 4224-1] node-send security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4224-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 23, 2025 https://wiki.debian.org/LTS -...

Debian dla-4224 : node-send - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4224 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4224-1 [email protected] https://www.debian.org/lts/security/...

DLA-4224-1 node-send - security update

Bulletin has no description...

DEBIAN-CVE-2022-50172

In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails in mt76x02umcusendmsg routine...

UBUNTU-CVE-2022-50172

In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fix possible memory leak in mt76x02umcusendmsg Free the skb if mt76ubulkmsg fails in mt76x02umcusendmsg routine...

UBUNTU-CVE-2022-50055

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndiscsendskb. The ndiscsendskb function can be called without holding RTNL or RCU. The rcureadlock function must be acquired earlier, so that we can use devnetrcu, and potential...

kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

PT-2025-27960

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the atmtcp c send function in the Linux kernel, where it accesses skb-data as struct atmtcp hdr after checking if skb-len is 0, but this check is not sufficient...

PT-2025-27965

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to the Asynchronous Transfer Mode ATM protocol. The problem occurs when the copy from iter full function fails in vcc sendmsg,...

PT-2025-27420

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A heap overwrite issue has been identified in the Linux kernel, specifically in the drivers/rapidio/rio cm.c file. The problem arises from the riocm ch send function not checking if...

VulnCheck KEV: CVE-2024-31839

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...

📄 Adapt CMS 3.0.3 Cross Site Scripting

Adapt CMS version 3.0.3 suffers from a persistent cross site scripting vulnerability in the Send Message functionality. Exploit Title: Stored XSS "Send Message" Functionality - adaptcmsv3.0.3 Date: 06/2025 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Debian 12 Blog:...

The vulnerability of the bpf_send_signal_common() function in the Linux kernel component of the MM module allows a hacker to trigger a service failure.

The vulnerability of the bpfsendsignalcommon function in the Linux kernel component is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to trigger a system failure...

The vulnerability of the `ioctl_send_response()` function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ioctlsendresponse function in the Linux operating system is related to the lack of memory release. Exploiting this vulnerability could allow an attacker to trigger a service failure...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14383)

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. A buffer overflow vulnerability exists in FreeFloat FTP Server. The vulnerability stems from the failure of the SEND command handler to properly process user input, and no details of the vulnerability are provided at this...

CVE-2025-5076

A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown functionality of the component SEND Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the publi...

CVE-2024-43208

Missing Authorization vulnerability in Matt Miller Send Emails with Mandrill send-emails-with-mandrill allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Send Emails with Mandrill: from n/a through = 1.4.1...

CVE-2024-40464

An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file...

CVE-2024-6224

The Send email only on Reply to My Comment WordPress plugin through 1.0.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...