1068 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ipv4: The issue related to data races around sysctlfibmultipathhashpolicy has been fixed. When reading sysctlfibmultipathhashpolicy, it is possible for it to be changed concurrently. Therefore, we need to add READONCE to its...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013275)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013275 advisory. net/netfilter/nfconntrackstandalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007553 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpbasemss. While reading sysctltcpbasemss, it can be changed...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006806 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006633)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006633 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006684)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006684 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpminsndmss. While reading sysctltcpminsndmss, it can be change...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006636 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006669)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006669 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpfjitlimit. While reading bpfjitlimit, it can be changed concurrentl...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006683)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006683 advisory. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006580)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006580 advisory. In the Linux kernel, the following vulnerability has been resolved: raw: Fix a data-race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006645 advisory. In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rdstcprcv,sndbuf: avoid using current-nsproxy As mentioned in a previous commit of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006668 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006640)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006640 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006620 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005538)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005538 advisory. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005514)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005514 advisory. In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading...
CVE-2019-25377
OPNsense 19.1 contains a reflected cross-site scripting vulnerability in the systemadvancedsysctl.php endpoint that allows attackers to inject malicious scripts via the value parameter. Attackers can craft POST requests with script payloads in the value parameter to execute JavaScript in the...
CVE-2019-25369
OPNsense 19.1 contains a stored cross-site scripting vulnerability in the systemadvancedsysctl.php endpoint that allows attackers to inject persistent malicious scripts via the tunable parameter. Attackers can submit POST requests with script payloads that are stored and executed in the context o...
CVE-2019-25369
OPNsense 19.1 contains a stored cross-site scripting vulnerability in the systemadvancedsysctl.php endpoint that allows attackers to inject persistent malicious scripts via the tunable parameter. Attackers can submit POST requests with script payloads that are stored and executed in the context o...
CVE-2019-25377
OPNsense 19.1 is affected by a reflected XSS in the system_advanced_sysctl.php endpoint. The vulnerability allows an attacker to inject malicious scripts via the value parameter in crafted POST requests, executing JavaScript in the context of an authenticated user session. Root cause is reflected...