56 matches found
CVE-2020-22540
Stored Cross-Site Scripting XSS vulnerability in Codoforum v4.9, allows attackers to execute arbitrary code and obtain sensitive information via crafted payload to Category name component...
CVE-2020-22539
An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2020-22539
An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2020-22540
Stored Cross-Site Scripting XSS vulnerability in Codoforum v4.9, allows attackers to execute arbitrary code and obtain sensitive information via crafted payload to Category name component...
CVE-2020-22539
CVE-2020-22539 : An arbitrary file upload vulnerability in the Add Category function of Codoforum v4.9 allows attackers to execute arbitrary code by uploading a crafted file. Multiple sources (NVD, Red Hat, CNNVD, CVE lists, PT Security) confirm the issue and affected product/version. The primary...
GSD-2023-1000274 Bluetooth: Fix not cleanup led when bt_init fails
Bluetooth: Fix not cleanup led when btinit fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.227 by commit...
GSD-2023-1000134 Bluetooth: Fix not cleanup led when bt_init fails
Bluetooth: Fix not cleanup led when btinit fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commit...
GSD-2022-1007904 net: ena: Fix error handling in ena_init()
net: ena: Fix error handling in enainit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...
GSD-2022-1007779 net: macvlan: fix memory leaks of macvlan_common_newlink
net: macvlan: fix memory leaks of macvlancommonnewlink This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit...
GSD-2022-1007401 tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
tty: serial: fsllpuart: disable dma rx/tx use flags in lpuartdmashutdown This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...
GSD-2022-1005849 RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
RDMA/qedr: Fix potential memory leak in qedrallocmr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1005590 RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()
RDMA/qedr: Fix potential memory leak in qedrallocmr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
GSD-2022-1005213 rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
rpmsg: qcomsmd: Fix refcount leak in qcomsmdparseedge This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1004801 xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
xen/netback: avoid entering xenvifrxnextskb with an empty rx queue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.253 by commit...
GSD-2022-1003588 rxrpc: Fix listen() setting the bar too high for the prealloc rings
rxrpc: Fix listen setting the bar too high for the prealloc rings This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...
GSD-2022-1003534 net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
net: ethernet: mtkethsoc: out of bounds read in mtkhwlrogetfdirentry This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.122 by commit...
GSD-2022-1002722 rxrpc: Fix listen() setting the bar too high for the prealloc rings
rxrpc: Fix listen setting the bar too high for the prealloc rings This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
GSD-2022-1002463 gcc-plugins: latent_entropy: use /dev/urandom
gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...
GSD-2022-1002387 gcc-plugins: latent_entropy: use /dev/urandom
gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...
GSD-2022-1002330 ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
ubifs: Fix deadlock in concurrent rename whiteout and inode writeback This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...