52 matches found
EUVD-2026-41213
Craft CMS: Potential authenticated Remote Code Execution via referrer redirect...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-123 (ALASKERNEL-5.10-2026-123)
The version of kernel installed on the remote host is prior to 5.10.258-257.1041. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-123 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsnew inode in the file fs/nilfs2/inode.c of the BPF component. This vulnerability allows for manipulation after the memory allocation function free is called. The attack ca...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipcudpnlbeareradd syzbot reported the following general protection fault 1: General protection fault, likely for non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a deadlock during uvcprobe If uvcprobe fails, it may end up calling uvcstatusunregister before uvcstatusinit is called. This issue was fixed by checking whether dev-status is NULL during uvcstatusunregister...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ARM: In the dts section, for the qcom subsystem, change the gcc PXO parameter to pxoboard fixed clock. Replace the gcc PXO handle with the pxoboard fixed clock value declared in the dts file. The gcc driver does not provide PXOSR...
AZL-72901 CVE-2025-68615 affecting package net-snmp for versions less than 5.9.5.2-1
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
ALPINE-CVE-2025-68615
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
CVE-2025-68615 Net-SNMP snmptrapd crash
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-060)
The version of kernel installed on the remote host is prior to 5.10.217-205.860. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-060 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial...
CVE-2024-1659 Arbitrary File Upload in MegaBIP
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server including a PHP code file without an authentication. This issue affects MegaBIP software versions through 5.10...
DLA-3512-1 linux-5.10 - security update
Bulletin has no description...
Trellix ePolicy Orchestrator 跨站脚本漏洞
Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 SP1 Update 1, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability. The vulnerability can...
GSD-2023-1002359 Fix page corruption caused by racy check in __free_pages
Fix page corruption caused by racy check in freepages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...
GSD-2023-1000901 ext4: don't set up encryption key during jbd2 transaction
ext4: don't set up encryption key during jbd2 transaction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
GSD-2023-1000758 ASoC: qcom: Add checks for devm_kcalloc
ASoC: qcom: Add checks for devmkcalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit 7830e2289eb4b74970b6cd1b6cc68dcd021c228...
GSD-2023-1000465 staging: media: tegra-video: fix device_node use after free
staging: media: tegra-video: fix devicenode use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...
GSD-2023-1000439 ext4: don't set up encryption key during jbd2 transaction
ext4: don't set up encryption key during jbd2 transaction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...
GSD-2023-1000233 char: tpm: Protect tpm_pm_suspend with locks
char: tpm: Protect tpmpmsuspend with locks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.158 by commit...