UBUNTU-CVE-2026-22985

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1254)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1254 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: always use READONCE to read ring provided buffer lengths CVE-2025-39816 In the Linux kernel, the following...

CVE-2022-50562 tpm: acpi: Call acpi_put_table() to fix memory leak

In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpiputtable to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpigettable to get the ACPI information, but the acpigettable should be coupled with...

EUVD-2023-54560

Malicious code in bioql PyPI...

CVE-2022-50389

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmcrb: Add the missed acpiputtable to fix memory leak In crbacpiadd, we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is not used after the init, shou...

Linux Distros Unpatched Vulnerability : CVE-2021-47109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUDNOARP entries to be forced GCed IFFPOINTOPOINT interfaces use NUDNOARP...

CVE-2025-38084

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...

CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VMPAT handling when fork fails in copypagerange If trackpfncopy fails, we already added the dst VMA to the maple tree. As fork fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither...

CVE-2023-52934

In the Linux kernel, the following vulnerability has been resolved: mm/MADVCOLLAPSE: catch !none !huge !bad pmd lookups In commit 34488399fa08 "mm/madvise: add file and shmem support to MADVCOLLAPSE" we make the following change to findpmdorthpornone: - if !pmdpresentpmde - return SCANPMDNULL; + ...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

CVE-2024-46897

Affected software: Exment (web app). Vulnerability: CVE-2024-46897 is an Incorrect Permission Assignment for a Critical Resource affecting Exment versions 6.1.4 and earlier and 5.0.11 and earlier. A logged-in user with the permission to manage tables may access and/or modify information in unauth...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

JVN#74538317: Multiple vulnerabilities in Exment

Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N Base Score 3.8 CVE-2024-46897 Stored Cross-site Scripting CWE-79...

WordPress WP-Table-Reloaded Cross Site Scripting

Exploit Title: Wordpress wp-table-reloadedþ plugin cross-site scripting in SWF Release Date: 24/01/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/wp-table-reloaded.latest-stable.zip Vendor Homepage:...