66 matches found
UBUNTU-CVE-2024-8654
MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3...
CVE-2023-31546
Cross Site Scripting XSS vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature...
CVE-2023-31546
Consolidated details show: Affected product is DedeBIZ v6.0.3. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable via the search feature, allowing an attacker to run arbitrary code in the context of a user session. Root cause identified as improper handling of input in the search...
GSD-2022-1006920 io_uring/af_unix: defer registered files gc to io_uring release
io_uring/af_unix: defer registered files gc to io_uring release. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006916 i2c: designware: Fix handling of real but unexpected device interrupts
i2c: designware: Fix handling of real but unexpected device interrupts. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006913 regulator: qcom_rpm: Fix circular deferral regression
regulator: qcom_rpm: Fix circular deferral regression. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006912 RISC-V: Make port I/O string accessors actually work
RISC-V: Make port I/O string accessors actually work. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006900 mm/uffd: fix warning without PTE_MARKER_UFFD_WP compiled in
mm/uffd: fix warning without PTE_MARKER_UFFD_WP compiled in. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006896 ksmbd: fix incorrect handling of iterate_dir
ksmbd: fix incorrect handling of iterate_dir. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006894 NFSD: Protect against send buffer overflow in NFSv3 READ
NFSD: Protect against send buffer overflow in NFSv3 READ. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006886 jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
jbd2: fix potential use-after-free in jbd2_fc_wait_bufs. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006883 ext4: avoid crash when inline data creation follows DIO write
ext4: avoid crash when inline data creation follows DIO write. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006878 rpmsg: char: Avoid double destroy of default endpoint
rpmsg: char: Avoid double destroy of default endpoint. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006872 drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006869 erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
erofs: fix order >= MAX_ORDER warning due to crafted negative i_size. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006868 NFSD: Protect against send buffer overflow in NFSv2 READDIR
NFSD: Protect against send buffer overflow in NFSv2 READDIR. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006866 wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...