
6033 matches found

OSV
added 2025/02/26 1:54 a.m., 10 views

CVE-2022-49111 Bluetooth: Fix use after free in hci_send_acl

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl. This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP_LINK and in case it is do...

CVSS 7.8, AI score 5.8, EPSS 0.00243
Exploits 0, References 12
CVE
added 2025/02/26 1:54 a.m., 144 views

CVE-2022-49081

Summary (CVE-2022-49081): Linux kernel vulnerability in highmem handling (__kmap_local_sched_in/out). When CONFIG_DEBUG_KMAP_LOCAL is enabled, checks on tsk->kmap_ctrl.pteval could misinterpret zeroed slots as unmapped, triggering runtime warnings. The root cause is comparing to pte_none for ...

CVSS 5.5, AI score 5.4, EPSS 0.00226
Exploits 0, References 4, Affected Software 1
OSV
added 2025/02/26 1:54 a.m., 15 views

CVE-2022-49081 highmem: fix checks in __kmap_local_sched_{in,out}

In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out}. When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that even slots in the tsk->kmap_ctrl.pteval are unmapped. The slots are initialized with 0 value, but the check is done wi...

CVSS 5.5, AI score 5.5, EPSS 0.00226
Exploits 0, References 7
Positive Technologies
added 2025/02/26 12:0 a.m., 15 views

PT-2025-14292

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock issue in the Linux kernel has been resolved. The problem occurred when the fence release processing was not properly handled, leading to potential recursive locking detected...

CVSS 7.8, AI score 7.3, EPSS 0.23278
Exploits 6, References 1428
CNNVD
added 2025/02/26 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized nelem field during abort all task initialization in pm8001, which could result in an invali...

CVSS 5.5, AI score 6, EPSS 0.00288
Exploits 0, References 10
CNNVD
added 2025/02/26 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a task leak in scsi: pm8001...

CVSS 5.5, AI score 5.5, EPSS 0.00246
Exploits 0, References 6
Drupal
added 2025/02/26 12:0 a.m., 13 views

General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018

The GDPR Task submodule enables you to create GDPR tasks. The module doesn't sufficiently protect against Cross Site Request Forgery (CSRF) attacks by validating user identity and intent when creating tasks...

CVSS 8.1, AI score 7.3, EPSS 0.00186
Exploits 0, References 3
Positive Technologies
added 2025/02/25 12:0 a.m., 5 views

PT-2025-14278 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the pick task scx function picking non-queued tasks when called without balance. The issue arises from a fair class bu...

CVSS 4.3, AI score 6, EPSS 0.00132
Exploits 0, References 15
Positive Technologies
added 2025/02/25 12:0 a.m., 4 views

PT-2025-28009

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition in the Linux kernel's scheduler can cause crashes, including kernel panics with various crash signatures such as assert failures, page faults, null pointer dereference...

CVSS 4.7, AI score 6, EPSS 0.0013
Exploits 0
Microsoft KB
added 2025/02/25 12:0 a.m., 8 views

February 25, 2025—KB5052093 (OS Build 26100.3323) Preview

February 25, 2025—KB5052093 (OS Build 26100.3323) Preview. For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 24H2, see its update history page. Note: Follow @WindowsUpdate t...

AI score 5.6
Exploits 0
BDU FSTEC
added 2025/02/21 12:0 a.m., 10 views

The vulnerability of the task and project management service WEEEK lies in the lack of measures taken to protect the website structure, allowing a perpetrator to execute arbitrary JavaScript code.

The vulnerability of the WEEEK task and project management service is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...

CVSS 8.9, AI score 5.9
Exploits 0, Affected Software 1
NVD
added 2025/02/18 4:15 p.m., 12 views

CVE-2025-22207

Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of com_scheduler...

CVSS 6.7, EPSS 0.00415
Exploits 0, References 1
CVE
added 2025/02/18 4:3 p.m., 133 views

CVE-2025-22207

CVE-2025-22207 is a Joomla! SQL injection in the backend task list of the com_scheduler component caused by improperly built ORDER clauses. Affected versions include Joomla! 4.x earlier than 4.4.11 and 5.x earlier than 5.2.4, per connected scanner/NVD data. The vulnerability allows an attacker to...

CVSS 6.7, AI score 7.8, EPSS 0.00415
Exploits 0, References 1
Snyk
added 2025/02/14 5:41 p.m., 1 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the download function due to improper input validation when processing image references during task exports. An attacker can access files outside the intended directory structure by creating tasks with path...

CVSS 8.7, AI score 7.7, EPSS 0.00708
Exploits 0, References 2
Snyk
added 2025/02/14 5:41 p.m., 1 views

Directory Traversal

Overview: label-studio is a Label Studio annotation tool. Affected versions of this package are vulnerable to Directory Traversal via the download function due to improper input validation when processing image references during task exports. An attacker can access files outside the intended...

CVSS 8.7, AI score 7.7, EPSS 0.00708
Exploits 0, References 2
RedhatCVE
added 2025/02/14 12:31 p.m., 4 views

CVE-2023-42663

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated wit...

CVSS 6.5, AI score 6.2, EPSS 0.01551
Exploits 0, References 5
RedhatCVE
added 2025/02/14 12:13 p.m., 8 views

CVE-2023-39508

Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables an authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

CVSS 8.8, AI score 7.1, EPSS 0.0236
Exploits 0, References 5
RedhatCVE
added 2025/02/14 3:9 a.m., 11 views

CVE-2024-28276

Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting (XSS) via add-task.php?taskname=...

CVSS 6.1, AI score 6, EPSS 0.00286
Exploits 0, References 1
RedhatCVE
added 2025/02/14 3:5 a.m., 18 views

CVE-2024-28277

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subjectname= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This vulnerability allows attackers to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloa...

CVSS 6.1, AI score 5.7, EPSS 0.00362
Exploits 0, References 1
RedhatCVE
added 2025/02/14 1:41 a.m., 8 views

CVE-2024-26517

SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component...

CVSS 9.1, AI score 7.5, EPSS 0.00802
Exploits 0, References 1