378 matches found
CVE-2021-47164
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bondenslave the active/backup slave being set before setting the upper dev so first event is without an upper dev. After...
BIT-DISCOURSE-2023-38684 Discourse vulnerable to ossible DDoS due to unbounded limits in various controller actions
Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an...
DEBIAN-CVE-2021-47102
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix incorrect structure access In line: upper = info-upperdev; We access upperdev field, which is related only for particular events e.g. event == NETDEVCHANGEUPPER. So, this line cause invalid memory acce...
SUSE CVE-2021-46963
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxxmqueuecommand RIP: 0010:kmemcachefree+0xfa/0x1b0 Call Trace: qla2xxxmqueuecommand+0x2b5/0x2c0 qla2xxx scsiqueuerq+0x5e2/0xa40 blkmqtryissuedirectly+0x128/0x1d0 blkmqrequestissuedirectly+0x4e/0xb...
UBUNTU-CVE-2021-46963
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxxmqueuecommand RIP: 0010:kmemcachefree+0xfa/0x1b0 Call Trace: qla2xxxmqueuecommand+0x2b5/0x2c0 qla2xxx scsiqueuerq+0x5e2/0xa40 blkmqtryissuedirectly+0x128/0x1d0 blkmqrequestissuedirectly+0x4e/0xb...
UBUNTU-CVE-2024-26596
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdevpriv dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEVCHANGEUPPER and NETDEVPRECHANGEUPPER event in the system. static inline stru...
Mageia: Security Advisory (MGASA-2024-0023)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...