CVE-2022-49729 nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvlplaydeferred Similar to the handling of playdeferred in commit 19cfe912c37b "Bluetooth: btusb: Fix memory leak in playdeferred", we thought a patch might be needed here as well. Currently...

CVE-2022-49168

The CVE-2022-49168 entry concerns a Linux kernel bug in the btrfs repair path. The issue occurred when the repair submission failed and the code attempted to clean up the repair bio simultaneously with endio, creating potential use-after-free and NULL dereference conditions due to racing with bio...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nullblk: Fixed a issue where a NULL pointer dereference occurred when configuring ‘power’ and ‘submitqueues’. Writing ‘power’ and ‘submitqueues’ concurrently would trigger a kernel panic. Test script: bash modprobe nullblk...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Fixed a kernel bug caused by failing to clear the buffer delay flag. Syzbot reported that after Nilfs2 reads a corrupted file system image and becomes read-only, the BUGON check for the buffer delay flag in submitbhwbc ma...

SQL Injection

Overview yascheduler is a Yet another computing scheduler and cloud orchestration engine Affected versions of this package are vulnerable to SQL Injection in the queuesubmittask function. Remediation Upgrade yascheduler to version 1.0.7 or higher. References - GitHub Commit...

WordPress WP Frontend Submit Plugin <= 1.1.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Frontend Submit versions = 1.1.0...

PT-2025-4060 · Codezips · Codezips Gym Management System

Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file "/dashboard/admin/submit plan new.php". The manipulation of the planid argument leads to s...

CVE-2025-0532

A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/newsubmit.php. The manipulation of the argument mid leads to sql injection. It is possible to launch the attack remotely. The exploit h...

Codezips Gym Management System 注入漏洞

Codezips Gym Management System is an open source gym management system from Codezips. An injection vulnerability exists in Codezips Gym Management System version 1.0, which stems from the parameter uid in the file /dashboard/admin/editmemsubmit.php that can lead to SQL injection...

PT-2025-22169

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue in the Linux kernel has been identified, specifically in the ivpu job submit function. This occurs due to an incorrect locking order when a thread aborts currently...

PT-2025-3233 · WordPress · Wp Securesubmit

Name of the Vulnerable Software and Affected Versions: WP SecureSubmit versions prior to 1.5.17 Description: The issue is related to a missing authorization vulnerability in WP SecureSubmit. This problem affects WP SecureSubmit versions prior to 1.5.17. Recommendations: For versions prior to...

CVE-2025-0231

A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/submitpayments.php. The manipulation of the argument mid leads to sql injection. The attack can be launched...

Codezips Gym Management System 注入漏洞

Codezips Gym Management System is an open source gym management system from Codezips. An injection vulnerability exists in Codezips Gym Management System version 1.0, which stems from the parameter mid in the file /dashboard/admin/submitpayments.php that can lead to SQL injection...

PT-2025-2029 · Unknown · Zerowdd Studentmanager

Name of the Vulnerable Software and Affected Versions: ZeroWdd studentmanager version 1.0 Description: A vulnerability was found in the submitAddPermission function of the PermissionController.java file. The manipulation of the url argument leads to cross-site scripting. The attack may be initiat...

PT-2025-42561

Name of the Vulnerable Software and Affected Versions mediawiki affected versions not specified Description The software contains a flaw related to the escaping of the submit button label for Codex-based HTML forms. This could potentially lead to issues with how the submit button is displayed or...

PT-2026-4361

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's networking subsystem related to socket destruction. Specifically, the handshake req submit function replaces the socket's destructor sk-sk destruct bu...

PT-2025-30810

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a fence leak could occur in the submit error path within the drm/msm subsystem. In error scenarios, a submit operation might be unreferenced...

SUSE CVE-2024-53221

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fssubmitpagebio There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range 0x0000000000000020-0x0000000000000027 RIP:...

SUSE CVE-2024-56552

In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: fix race around suspendpending Currently in some testcases we can trigger: xe 0000:03:00.0: drm Assertion execqueuedestroyedq failed! .... WARNING: CPU: 18 PID: 2640 at drivers/gpu/drm/xe/xegucsubmit.c:1826...

UBUNTU-CVE-2024-56552

In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: fix race around suspendpending Currently in some testcases we can trigger: xe 0000:03:00.0: drm Assertion execqueuedestroyedq failed! .... WARNING: CPU: 18 PID: 2640 at drivers/gpu/drm/xe/xegucsubmit.c:1826...