5.5
CVE-2024-56779 - nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action aβ¦
5.5
CVE-2024-56783 - netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnβ¦
5.5
CVE-2024-56770 - net/sched: netem: account for backlog updates from child qdisc
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' onlyβ¦
9.8
CVE-2018-4301 -
This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp.
10
CVE-2025-22133 - WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE)
WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious files, such as .phar, whiβ¦
8.3
CVE-2025-22132 - WeGIA has a Cross-Site Scripting (XSS) in File Upload Field
WeGIA is a web manager for charitable institutions. A Cross-Site Scripting (XSS) vulnerability was identified in the file upload functionality of the WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. By uploading a file containing malicious JavaScript code, an attacker can execute arbβ¦
0.0
CVE-2025-22756 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2025-0218 - pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially alβ¦
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create β¦
5.3
CVE-2025-0301 - code-projects Online Book Shop subcat.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. Affected by this issue is some unknown functionality of the file /subcat.php. The manipulation of the argument catnm leads to cross site scripting. The attack may be launched remotely. The exβ¦
7.2
CVE-2024-54007 - Authenticated Remote Command Injection Vulnerability in the Web Interface of a 501 Wireless Client β¦
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged useβ¦