9 matches found
CVE-2026-31711
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix activenumconn leak on transport allocation failure Commit 77ffbcac4e56 "smb: server: fix leak of activenumconn in ksmbdtcpnewconnection" addressed the kthreadrun failure path. The earlier alloctransport == NULL...
GHSA-2PM6-9FHX-VVG3 The mailqueue TYPO3 extension has Insecure Deserialization in `TransportFailure` class
Description The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
The mailqueue TYPO3 extension has Insecure Deserialization in `TransportFailure` class
Description The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
CVE-2026-1323
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue)
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
CVE-2026-1323
CVE-2026-1323 highlights an insecure deserialization flaw in the TYPO3 mailqueue extension, specifically in the TransportFailure class. An attacker could execute untrusted serialized code, but an active exploit requires write access to the directory configured by $GLOBALS['TYPO3_CONF_VARS']['MAIL...
CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue)
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
CVE-2026-1323
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the netpoll module not initializing the UDP checksum field, which could lead to an IPv6 transport failure...