A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_25_05
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don’t rely on user vaddr alignment There is no guaranteed alignment for user pointers, however the calculation of an offset of the first...
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now. More information : https://git.kernel.org/stable/c/3c17001b21b9f168c957ced9384abe969019b609
In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success DAMON’s virtual address space operation set implementation (vaddr) calls pte_offset_map_lock() inside the page table walk callback function....
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriov_disable() first removes the PCI...
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=test_site_domain of the component Project Domain Change Test. This manipulation of the argument v causes...
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata and path information. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_25_04
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=1 of the component Add Data Validation Page. The manipulation of...
A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the file /admin79f2ec220c7e.php?c=api&m=demo&name=mobile of the component Domain Name Binding Page. The manipulation results in cross site scripting. The...
A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email&m=add of the component Email Setting Handler. Performing manipulation results in server-side request forgery....
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is an unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0 of the component Add Display Name Field. Executing manipulation of the...