42 matches found
Grafana Unauthenticated Snapshot Creation
Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set. id: CVE-2021-27358 info: name: Grafana Unauthenticated Snapshot Creation author: pdteam,bing0o severity: hi...
DEBIAN-CVE-2026-31567
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Drop spurious WARNON from pmrestoregfpmask Commit 35e4a69b2003f "PM: sleep: Allow pmrestrictgfpmask stacking" introduced refcount-based GFP mask management that warns when pmrestoregfpmask is called with savedgfpcount ...
EUVD-2015-0259
Malware in sbrugna...
CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
EUVD-2025-32098
Malicious code in bioql PyPI...
SUSE CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
DEBIAN-CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
UBUNTU-CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
CVE-2025-54287
Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...
PT-2025-40327
Name of the Vulnerable Software and Affected Versions Canonical LXD versions 4.0 and later Description A template injection issue exists in the instance snapshot creation component. An attacker with instance configuration permissions can read arbitrary files on the host system by using specially...
LXD 安全漏洞
LXD is a Canonical open source container for managing applications on Linux-based systems. A security vulnerability exists in LXD 4.0 and later versions, which stems from a template injection when the instance snapshot creation component uses the Pongo2 template engine, which could result in...
Linux Distros Unpatched Vulnerability : CVE-2024-26792
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case...
CVE-2024-56565
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all discards after creating snapshot on lvm device Piergiorgio reported a bug in bugzilla as below: ------------ cut here ------------ WARNING: CPU: 2 PID: 969 at fs/f2fs/segment.c:1330 RIP:...
PT-2024-36870
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A vulnerability in the Linux kernel has been resolved, related to the f2fs file system. The issue occurs when creating a snapshot on an LVM device, which updates the discard max bytes to zero,...
UBUNTU-CVE-2022-48733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...
CVE-2022-48733 btrfs: fix use-after-free after failure to create a snapshot
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:createsnapshot, we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that we call...
CVE-2024-26792
A double-free flaw was found in the btrfs filesystem in the Linux kernel that could occur after a snapshot creation failure. This flaw could potentially lead to system crashes or unintended behaviors. Mitigation Mitigation for this issue is either not available or the currently available options ...
DEBIAN-CVE-2024-26792
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second free may result in...
CVE-2024-26792
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second free may result in...