4643 matches found
UBUNTU-CVE-2022-49139
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and eSCO link types. On the reception of a HCISynchronousConnectionComplete for a BDADDR of an existing LE connection, LE link type and ...
UBUNTU-CVE-2022-49130
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
CVE-2024-13634 Post Sync <= 1.1 - Reflected XSS
The Post Sync WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13634 Post Sync <= 1.1 - Reflected XSS
The Post Sync WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13634
CVE-2024-13634 concerns the WordPress plugin Post Sync (versions
CVE-2022-49696
In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...
CVE-2022-49637
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibsyncmem. While reading sysctlfibsyncmem, it can be changed concurrently. So, we need to add READONCE to avoid a data-race...
SUSE CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2022-49282 f2fs: quota: fix loop condition at f2fs_quota_sync()
In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough inline knowledge can discard...
CVE-2022-49282
In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead of type to check active quota properly. Moreover, when the type is -1, the compiler with enough inline knowledge can discard...
CVE-2022-49130 ath11k: mhi: use mhi_sync_power_up()
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
WordPress plugin Post Sync 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not using deltimersync before release...
PT-2025-8210 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the f2fs file system. The issue is caused by a loop condition in the f2fs quota sync function, where the cnt variable...
AZL-57295 CVE-2025-26601 affecting package xorg-x11-server 1.20.10-6
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
DEBIAN-CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2025-26601 Xorg: xwayland: use-after-free in syncinittrigger()
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
UBUNTU-CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
Vulnerabilities of components of the Linux operating system’s kernel, which allow a hacker to cause a service failure
The vulnerability of the Linux operating system’s kernel components relates to the absence of memory release after the effective service life in the function ssamrequestsync. Exploiting this vulnerability can allow an attacker to cause a service failure...