4581 matches found
WordPress plugin Woocommerce osCommerce Sync 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
DEBIAN-CVE-2022-49733
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...
CVE-2022-49733 ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...
SUSE CVE-2024-58013
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in...
DEBIAN-CVE-2024-58013
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in...
SUSE CVE-2022-49130
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
SUSE CVE-2022-49282
In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough inline knowledge can discard...
SUSE CVE-2022-49309
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtwsurveydoneeventcallback There is a deadlock in rtwsurveydoneeventcallback, which is shown below: Thread 1 | Thread 2 | settimer rtwsurveydoneeventcallback| modtimer spinlockbh //1 |...
SUSE CVE-2022-49311
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, which is shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle| modtimer spinlockbh //1 | wait ...
SUSE CVE-2022-49493
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645i2cremove first cancel the &rt5645-jackdetectwork and delete the &rt5645-btnchecktimer latter. However, since the...
SUSE CVE-2022-49555
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...
SUSE CVE-2022-49696
In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...
CVE-2024-13634
The Post Sync WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
DEBIAN-CVE-2022-49696
In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...
CVE-2022-49637
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
DEBIAN-CVE-2022-49555
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...
DEBIAN-CVE-2022-49493
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645i2cremove first cancel the &rt5645-jackdetectwork and delete the &rt5645-btnchecktimer latter. However, since the...
DEBIAN-CVE-2022-49309
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtwsurveydoneeventcallback There is a deadlock in rtwsurveydoneeventcallback, which is shown below: Thread 1 | Thread 2 | settimer rtwsurveydoneeventcallback| modtimer spinlockbh //1 |...