Astra Linux - уязвимость в linux-5.10, linux

In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...

@chocolatey-software/astro (>=2.7.0 <=2.8.0), @kyro-cms/admin (=0.1.2) +9 more potentially affected by CVE-2026-41067 via astro (>=6.0.0-beta.1 <=6.1.5)

astro NPM version =6.0.0-beta.1, =2.7.0, =0.19.0, =0.19.0, =1.10.0, =1.0.0, =1.4.2, =0.0.1, =0.0.1, =0.0.7 Source cves: CVE-2026-41067 Source advisory: SNYK:JS-ASTRO-16119128...

Grafana Loki Path Traversal - CVE-2021-36156 Bypass

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/namespace Thanks to Prasanth Sundararajan for reporting this vulnerability...

AZL-51243 CVE-2024-47719 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...

AZL-51023 CVE-2024-47698 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832pidfilter does not exceed 31 to prevent out-of-bounds access. dev-filters is a 32-bit value, so setbit and clearbit functions should...

AZL-51005 CVE-2024-47671 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmcwrite, we need to clear the structure before filling fields...

CVE-2023-51537

Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.5...

CVE-2023-51538

Cross-Site Request Forgery CSRF vulnerability in Awesome Support Team Awesome Support – WordPress HelpDesk & Support Plugin.This issue affects Awesome Support – WordPress HelpDesk & Support Plugin: from n/a through 6.1.5...

ThinkAdmin Security Vulnerability

ThinkAdmin is a general purpose backend management system based on the ThinkPHP framework. A security vulnerability exists in ThinkAdmin version v6.1.53. An attacker can exploit this vulnerability to download malicious PHP files by providing a specially crafted URL to obtain a shell...

VulnCheck KEV: CVE-2023-30777

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins = 6.1.5 versions...

UBUNTU-CVE-2023-23559

In rndisqueryoid in drivers/net/wireless/rndiswlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition...

DEBIAN-CVE-2020-26215

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...