8 matches found
CVE-2026-52982 net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150startxmit syzbot reported a KASAN slab-use-after-free read in rtl8150startxmit when accessing skb-len for tx statistics after usbsubmiturb has been called: BUG: KASAN:...
DEBIAN-CVE-2025-22050
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...
Kernel: smsusb: use-after-free caused by do_submit_urb()
...
Icegram Engage < 3.1.12 - Reflected XSS
The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open a page with the code below...
Menubar < 5.8 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action available to any authenticated users, leading to a Reflected Cross-Site Scripting " /...
CVE-2017-13210
In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is n...
Google Chrome Type Obfuscation Vulnerability (CNVD-2017-31823)
Google Chrome is an open source web browser. A type obfuscation vulnerability exists in Google Chrome V8, which allows remote attackers to exploit the vulnerability to submit a special request and execute arbitrary code...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Interaction Center Intelligence Business Intelligence Component
Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability in the Oracle E-Business Suite Oracle Interaction Center Intelligence Business Intelligence component allows remote attackers to exploit the vulnerability to submit a special request...