1740 matches found
SUSE CVE-2022-49360
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...
SUSE CVE-2022-49380
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fsbugon in decvalidnodecount As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable...
SUSE CVE-2022-49560
In the Linux kernel, the following vulnerability has been resolved: exfat: check if cluster num is valid Syzbot reported slab-out-of-bounds read in exfatclearbitmap. This was triggered by reproducer calling truncute with size 0, which causes the following trace: BUG: KASAN: slab-out-of-bounds in...
DEBIAN-CVE-2022-49560
In the Linux kernel, the following vulnerability has been resolved: exfat: check if cluster num is valid Syzbot reported slab-out-of-bounds read in exfatclearbitmap. This was triggered by reproducer calling truncute with size 0, which causes the following trace: BUG: KASAN: slab-out-of-bounds in...
DEBIAN-CVE-2022-49360
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...
UBUNTU-CVE-2022-49360
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...
UBUNTU-CVE-2022-49380
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fsbugon in decvalidnodecount As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable...
CVE-2022-49380
The CVE-2022-49380 entry concerns a Linux kernel F2FS bug where total_valid_block_count/total_valid_node_count could fuzz to zero, leading to a BUG_ON() during dec_valid_node_count() in f2fs_remove_inode_page()/f2fs_evict_inode(). The issue was fixed by printing a warning and changing behavior to...
CVE-2022-49318 f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARNON in f2fsisvalidblkaddr Syzbot triggers two WARNs in f2fsisvalidblkaddr and isbitmapvalid. For example, in f2fsisvalidblkaddr, if type is DATAGENERICENHANCE or DATAGENERICENHANCEREAD, it invokes WARNON if blkadd...
Exploit for CVE-2025-20029
CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP A...
The vulnerability of the verify_url_valid() function in the Activitypub-Federation framework, a platform for creating and managing communities in the Lemmy ecosystem, allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the verifyurlvalid function in the Activitypub-Federation framework, a platform for creating and managing communities in the Lemmy community, is related to insufficient validation of requests on the server side. Exploiting this vulnerability could allow an attacker to bypass...
CVE-2025-1101
A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...
BELL-CVE-2025-1182
Bulletin has no description...
CVE-2023-37482
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...
CVE-2024-54772
An issue was discovered in the Winbox service of MikroTik RouterOS long-term release v6.43.13 through v6.49.13 and stable v6.43 through v7.17.2. A patch is available in the stable release v6.49.18. A discrepancy in response size between connection attempts made with a valid username and those wit...
CVE-2024-54772
An issue was discovered in the Winbox service of MikroTik RouterOS long-term release v6.43.13 through v6.49.13 and stable v6.43 through v7.17.2. A patch is available in the stable release v6.49.18. A discrepancy in response size between connection attempts made with a valid username and those wit...
Siemens Web Server User Enumeration Vulnerability in Various SIMATIC Products
SIMATIC Drive Controllers are designed for the automation of production machines, combining the functionality of SIMATIC S7-1500 CPUs and SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. The SIMATIC S7-1200 CPU products are...
Exploit for Observable Timing Discrepancy in Mikrotik Routeros
CVE-2024-54772 MikroTik-RouterOS Username Enum This repo con...
CVE-2025-20170
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...
CVE-2025-20175
CVE-2025-20175 describes a DoS vulnerability in the SNMP subsystem of Cisco IOS Software, IOS XE, and IOS XR caused by improper error handling when parsing SNMP requests. An authenticated, remote attacker can exploit this by sending a crafted SNMP request, potentially forcing the device to reload...