56 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fixed a memory leak in sfpprobe The sfpprobe function allocates a memory chunk from the sfp structure using sfpalloc. When devmaddaction fails, the sfp structure is not freed, leading to a memory leak. We should use...
CVE-2023-4888
The Simple Like Page Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sfp-page-plugin' shortcode in versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
EUVD-2025-201902
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41752
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41752 Reflected XSS vulnerability in pxc_portSfp.php
An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
CVE-2025-41752
CVE-2025-41752 describes a reflected XSS in pxc_portSfp.php that can be exploited by an unauthenticated attacker to entice an authenticated user to click a malicious link and modify device configuration via web-based management. The vulnerability is reported as affecting PHOENIX CONTACT FL SWITCH...
PT-2025-49823
An XSS vulnerability in pxc portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989812)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989812 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc...
EUVD-2016-9444
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986631)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986631 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc...
EUVD-2022-27381
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-8597
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the cspsfprecvfp in cspsfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying netwo...
SUSE CVE-2022-49619
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc. When devmaddaction fails, sfp is not freed, which leads to a memory leak. We should use devmaddactionorreset instead of devmaddaction...
UBUNTU-CVE-2022-49619
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc. When devmaddaction fails, sfp is not freed, which leads to a memory leak. We should use devmaddactionorreset instead of devmaddaction...
CVE-2022-49619 net: sfp: fix memory leak in sfp_probe()
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc. When devmaddaction fails, sfp is not freed, which leads to a memory leak. We should use devmaddactionorreset instead of devmaddaction...
PT-2025-8552 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the sfp probe function. This function allocates memory using sfp alloc, but when devm add action fails, the...
CVE-2024-46842
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not handled in lpfcgetsfpinfo and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for...
AZL-50135 CVE-2024-46842 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not handled in lpfcgetsfpinfo and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for...
UBUNTU-CVE-2024-46842
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not handled in lpfcgetsfpinfo and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for...
CVE-2024-46842 scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not handled in lpfcgetsfpinfo and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for...