DedeCMS 5.7.109 - Server-Side Request Forgery

Manipulation of the rssurl parameter in codo.php leads to server-side request forgery in DedeCMS version 5.7.109. id: CVE-2023-3578 info: name: DedeCMS 5.7.109 - Server-Side Request Forgery author: ritikchaddha severity: critical description: | Manipulation of the rssurl parameter in codo.php lea...

WordPress Integrator 1.32 - Cross-Site Scripting

A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter to wp-login.php. id: CVE-2012-5913 info: name: WordPress Integrator 1.32 - Cross-Site Scripti...

Linux Distros Unpatched Vulnerability : CVE-2024-26604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Revert kobject: Remove redundant checks for whether ktype is NULL This reverts commit...

Linux Distros Unpatched Vulnerability : CVE-2022-50105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/spufs: Fix refcount leak in spufsinitisolatedloader offindnodebypath returns remote device nodepointer with refcount incremented, we should use ofnodepu...

Linux Distros Unpatched Vulnerability : CVE-2022-31741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2024-42087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep The ilitek-ili9881c controls the reset GPIO using the non-sleeping gpiodsetvalue...

Linux Distros Unpatched Vulnerability : CVE-2025-38017

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64...

Linux Distros Unpatched Vulnerability : CVE-2024-26711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all i...

Linux Distros Unpatched Vulnerability : CVE-2024-26685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may...

Linux Distros Unpatched Vulnerability : CVE-2025-21698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Revert usb: gadget: userial: Disable ep before setting port to null to fix the crash caused ...

Linux Distros Unpatched Vulnerability : CVE-2024-50068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damonsysfstestaddtargets The...

Linux Distros Unpatched Vulnerability : CVE-2024-53043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry...

Linux Distros Unpatched Vulnerability : CVE-2024-53124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk-skforwardalloc Syzkaller reported this warning: ------------ c...

Linux Distros Unpatched Vulnerability : CVE-2025-21680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix...

Linux Distros Unpatched Vulnerability : CVE-2025-21701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are...

Linux Distros Unpatched Vulnerability : CVE-2025-21741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processe...

Linux Distros Unpatched Vulnerability : CVE-2024-8035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTM...

Linux Distros Unpatched Vulnerability : CVE-2024-49860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: sysfs: validate return type of STR method Only buffer objects are valid return values of STR. If something else is returned descriptionshow will access...

Linux Distros Unpatched Vulnerability : CVE-2024-6997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially...

Linux Distros Unpatched Vulnerability : CVE-2024-49850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: correctly handle malformed BPFCORETYPEIDLOCAL relos In case of malformed relocation...