56 matches found
PT-2026-41784
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description OpenTelemetry eBPF Instrumentation exports raw Redis error text as the span status message. Because Redis error replies can contain sensitive values or attacker-controlled...
Svelte: ReDoS in `<svelte:element>` Tag Validation
An internal regex in the Svelte runtime can take exponential time to test in . You are only vulnerable to this if you allow tags of unconstrained length. If your application only allows a predetermined list of tags or trims their length before passing them to svelte:element, you are safe...
CVE-2025-71237 nilfs2: Fix potential block overflow that cause system hang
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential block overflow that cause system hang When a user executes the FITRIM command, an underflow can occur when calculating nblocks if endblock is too small. Since nblocks is of type sectort, which is u64, a...
CVE-2023-53867
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
SUSE CVE-2023-53867
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
CVE-2023-53867
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
CVE-2023-53867
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
UBUNTU-CVE-2023-53867
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
CVE-2023-53867 ceph: fix potential use-after-free bug when trimming caps
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
CVE-2023-53867
CVE-2023-53867 affects the Linux kernel ceph subsystem. A potential use-after-free occurs when trimming caps in ceph_iterate_session_caps(): after releasing session->s_cap_lock, a cap could be removed by another thread and then the stale cap memory is used in callbacks. The fix adds a check fo...
CVE-2023-53867 ceph: fix potential use-after-free bug when trimming caps
In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...
PT-2025-52942
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Ceph subsystem related to capability trimming. Specifically, a use-after-free condition can occur when trimming capabilities after releasing t...
Linux Distros Unpatched Vulnerability : CVE-2023-53867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the...
kernel: block: fix adding folio to bio
In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepage is supported, then 'offset' of folio can't be held in 'unsigned int', cause warning in bioaddfolionofail and IO failure. Fix it by...
EUVD-2018-9218
Malware in sbrugna...
EUVD-2020-7238
Malware in sbrugna...
EUVD-2023-0397
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-17465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via ...
CVE-2023-23612
OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider IdP when the authentication backend is SAML or OpenID Connect. There is an issue in how those claims are processed from the JWTs where the leading and...
CVE-2020-15164
in Scratch Login MediaWiki extension before version 1.1, any account can be logged into by using the same username with leading, trailing, or repeated underscores, since those are treated as whitespace and trimmed by MediaWiki. This affects all users on any wiki using this extension. Since versio...