CVE-2024-47408

CVE-2024-47408 affects the Linux kernel net/smc implementation. The vulnerability arises when processing a proposal message: the field smcd_v2_ext_offset in the proposal is provided by the remote client and may not be trusted. If the value of smcd_v2_ext_offset exceeds the maximum, an attacker co...

Oracle Linux 8 : dpdk (ELSA-2025-0222)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0222 advisory. 23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68600 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

CVE-2025-21628 Chatwoot has a Blind SQL-injection in Conversation and Contacts filters

Chatwoot is a customer engagement suite. Prior to 3.16.0, conversation and contact filters endpoints did not sanitize the input of queryoperator passed from the frontend or the API. This provided any actor who is authenticated, an attack vector to run arbitrary SQL within the filter query by addi...

CVE-2025-22137 Arbitrary File Overwrite via HTTP POST in Pingvin Share

Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated if anonymous shares are allowed user to overwrite arbitrary files on the server, including sensitive system files, via HTTP POST requests. The issu...

CVE-2025-22130 Soft Serve allows path traversal attacks

Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without...

PT-2025-2693 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A request was rejected because it was reserved but not necessary, leading to an unused vulnerability patch. Recommendations: At the moment, there is no information about a newer...

CVE-2025-21613 go-git has an Argument Injection via the URL field

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

CVE-2024-56411 PhpSpreadsheet has Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting XSS vulnerability of the hyperlink base in the HTML page header. The HTML page is formed without sanitizing the hyperlink base. Versions 3.7.0,...

CVE-2024-56411 PhpSpreadsheet has Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 have a cross-site scripting XSS vulnerability of the hyperlink base in the HTML page header. The HTML page is formed without sanitizing the hyperlink base. Versions 3.7.0,...

CVE-2024-56410

PhpSpreadsheet has an XSS vulnerability in custom properties affecting the PhpSpreadsheet Writer Html path (class PhpOffice\PhpSpreadsheet\Writer\Html, generateMeta). Affected versions: < 3.7.0, < 2.3.5, < 2.1.6, and

CVE-2024-56409

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7 are vulnerable to unauthorized reflected cross-site scripting in the Currency.php file. Using the /vendor/phpoffice/phpspreadsheet/samples/Wizards/NumberFormat/Currency.php...

CVE-2024-56199 phpMyFAQ Vulnerable to Stored HTML Injection at FAQ

phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at http://localhost/admin/index.php?action=editentry, resulting in a complete disruption of the FAQ page's user...

CVE-2024-56799

CVE-2024-56799 concerns TrueWinter Simofa. A design flaw in the RouteLoader class before version 0.2.7 could cause certain API routes to be publicly accessible without authentication. This vulnerability affects Simofa prior to 0.2.7 and has been patched in 0.2.7. Impact details describe unauthori...

CVE-2024-56734 Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint

Better Auth is an authentication library for TypeScript. An open redirect vulnerability has been identified in the verify email endpoint of all versions of Better Auth prior to v1.1.6, potentially allowing attackers to redirect users to malicious websites. This issue affects users relying on emai...

PT-2025-2002 · D Link · D-Link Dir-816

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10CNB05 R1B011D88210 Description: A critical issue has been found in the Virtual Service Handler component, affecting the file /goform/form2AddVrtsrv.cgi. This leads to improper access controls, allowing for remote...

CVE-2024-56747 scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...

CVE-2024-56631

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a use-after-free bug in sgrelease, detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...

CVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bug

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

CVE-2024-56593 wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

CVE-2024-56543

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...