Vuldb Updates

A vulnerability was found in BoidCMS 2.0.1. It has been rated as problematic. This impacts an unknown function. This manipulation of the argument title/subtitle/footer/keywords causes cross site scripting. This vulnerability is registered as CVE-2023-48824. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as critical has been identified in kkFileView 4.3.0. Impacted is an unknown function. Executing a manipulation can lead to improper access controls. This vulnerability is registered as CVE-2023-48815. The attack requires access to the local network. No exploit is available.

A vulnerability marked as critical has been reported in WP Mail Logging Plugin up to 1.15.0 on WordPress. The affected element is the function maybe_unserialize of the component Log Message Handler. The manipulation leads to deserialization. This vulnerability is listed as CVE-2026-2471. The attack may be initiated remotely. There is no available exploit.

A vulnerability described as critical has been identified in Tutor LMS Plugin up to 3.9.4/3.9.6 on WordPress. The impacted element is an unknown function. The manipulation of the argument coupon_code results in sql injection. This vulnerability is cataloged as CVE-2025-13673. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.0.6. It has been classified as critical. This affects the function nsim_drv_probe of the component netdevsim. This manipulation causes memory leak. This vulnerability is registered as CVE-2022-50500. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.1. This affects the function binfmt_misc. The manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2022-50497. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.74/5.19.16/6.0.2. It has been classified as critical. This vulnerability affects the function rtnl_lock of the file net/core/dev.c of the component eth. The manipulation leads to reachable assertion. This vulnerability is listed as CVE-2022-50498. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.0.2. Affected by this vulnerability is the function get_cpu of the component thermal. Such manipulation leads to injection. This vulnerability is referenced as CVE-2022-50494. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 5.10.153/5.15.76/6.0.6. This issue affects the function cti_disable_hw. Such manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-50491. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.0.6. This impacts an unknown function. The manipulation results in use after free. This vulnerability was named CVE-2022-50492. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.85/6.0.15/6.1.1. Impacted is the function qla24xx_process_response_queue. Performing a manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2022-50493. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.15.74/5.19.16/6.0.2. This vulnerability affects the function htab_lock_bucket of the component bpf. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2022-50490. The attack can only be done within the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.0.2. This affects the function mipi_dsi_host_unregister of the component mipi-dsi. The manipulation results in infinite loop. This vulnerability is known as CVE-2022-50489. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.10.174/5.15.85/6.0.15/6.1.1. It has been rated as critical. Affected is the function bfq_select_queue. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2022-50488. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, has been found in thinkst canarytokens up to 2019-03-01. The impacted element is an unknown function. This manipulation of the argument Title causes cross site scripting. This vulnerability appears as CVE-2026-28355. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in langgenius dify up to 1.8.x and classified as problematic. Affected is an unknown function of the component Dify API. Executing a manipulation can lead to observable response discrepancy. This vulnerability is handled as CVE-2026-28288. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.3.4. Affected is the function usb_submit_urb of the file drivers/usb/core/urb.c. Performing a manipulation results in privilege escalation. This vulnerability is reported as CVE-2023-53644. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.17/6.2.4. The affected element is the function getsockname. The manipulation results in null pointer dereference. This vulnerability was named CVE-2023-53643. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.3.1. Impacted is the function dev_dbg. The manipulation leads to race condition. This vulnerability is uniquely identified as CVE-2023-53639. The attack can only be initiated within the local network. No exploit exists. You should upgrade the affected component.