CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...

CVE-2024-58090 sched/core: Prevent rescheduling when interrupts are disabled

In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed while loop testing kexec jump: Interrupts enabled after irqrouterresume+0x0/0x50 WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:1...

CVE-2025-21869 powerpc/code-patching: Disable KASAN report during patching via temporary mm

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mlx5 not properly handling implicit ODP parent logoffs, which could lead to task hangs...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mlx5 not handling the UMR QP recovery process correctly, which could lead to task hangs...

The vulnerability of the Lite UI user interface library used in Apache ShardingSphere ElasticJob-UI for task scheduling arises from an internal index assignment error. This error allows attackers to gain unauthorized access to protected information.

The vulnerability of the Lite UI user interface library used in the Apache ShardingSphere ElasticJob-UI task scheduling software is related to an error in the assignment of the internal interface index. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

Citrix DaaS 2402 CU2 - MCS Catalog update fails with MDM error

StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToUnregisterMasterImageFromMdm TaskStateInformation : Terminated ErrorId : FailedToUnregisterMasterImageFromMdm Operation : ImagePreparation ErrorMessage : A problem was detected while unregistering from the MDM...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of authentication procedures, which allow unauthorized users to modify the status of tasks in publicly accessible projects.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the absence of authentication procedures. Exploiting this vulnerability allows a malicious actor to remotely modify the status of tasks in publicly accessible projects...

CVE-2024-50053

Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature...

GHSA-4M5H-5V4Q-4XGQ aizuda snail-job Vulnerable to Deserialization via `nodeExpression` Argument

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

CVE-2025-2622 aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserialization

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to...

CVE-2024-0245

A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a...

SnailJob 代码问题漏洞

SnailJob is a flexible, reliable and efficient distributed task retrying and task scheduling platform from aizuda open source. A code issue vulnerability exists in SnailJob version 1.4.0, which stems from a deserialization vulnerability...

CVE-2024-50053

Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature...

CVE-2024-50053

Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature...

CVE-2024-50053

CVE-2024-50053 affects ManageEngine ServiceDesk Plus (and MSP/SupportCentre Plus) prior to version 14920 (and MSP/SupportCentre prior to 14910). The vulnerability is a stored XSS in the Task feature, allowing an attacker-supplied payload to be stored and executed when a user accesses the task. Th...

CVE-2024-50053 Stored XSS

Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature...

ZOHO ManageEngine ServiceDesk Plus 安全漏洞

ZOHO ManageEngine ServiceDesk Plus SDP is a set of IT service management software based on the ITIL architecture from ZOHO. The software integrates Incident Management, Problem Management, Asset Management IT Project Management, Procurement and Contract Management and other functional modules. A...

CVE-2024-0245

A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a...