CVEs from 2023
Total
6,120
critical
critical 239
high
high 1,503
medium
medium 1,409
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-47182 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions. | |||
| CVE-2023-46084 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/… | |||
| CVE-2023-35910 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nucleus_genius Quasar form free – Contact Form Builder for WordPress allows SQL Injection.This is… | |||
| CVE-2023-36677 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Do… | |||
| CVE-2023-25990 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. | |||
| CVE-2023-25800 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0. | |||
| CVE-2023-28777 | high | 8.8 | 8.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from n/a through 4… | |||
| CVE-2023-5246 | high | 8.8 | 8.8 | 3y ago | Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 109983… | |||
| CVE-2023-45048 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions. | |||
| CVE-2023-41730 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions. | |||
| CVE-2023-29235 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Fugu Maintenance Switch plugin <= 1.5.2 versions. | |||
| CVE-2023-37998 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3. | |||
| CVE-2023-4934 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass. This issue affects AYBS: before 1.0.3. | |||
| CVE-2023-4665 | high | 8.8 | 8.8 | 3y ago | Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9. | |||
| CVE-2023-4664 | high | 8.8 | 8.8 | 3y ago | Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9. | |||
| CVE-2023-32079 | high | 8.8 | 8.8 | 3y ago | Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User in github.com/gravitl/netmaker | |||
| CVE-2023-38512 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in wpstream WpStream wpstream allows Cross Site Request Forgery.This issue affects WpStream: from n/a through <= 4.5.4. | |||
| CVE-2023-35096 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in myCred plugin <= 2.5 versions. | |||
| CVE-2023-33153 | high | 8.8 | 8.8 | 3y ago | Microsoft Outlook Remote Code Execution Vulnerability | |||
| CVE-2023-33148 | high | 7.8 | 8.8 | 3y ago | Microsoft Office Elevation of Privilege Vulnerability | |||
| CVE-2023-35091 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions. | |||
| CVE-2023-23679 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk: from … | |||
| CVE-2023-33314 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR plugin <= 1.1.3.1 versions. | |||
| CVE-2023-2883 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | |||
| CVE-2023-2065 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass. This issue affects Cargo Tracking System… | |||
| CVE-2023-2702 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Managem… | |||
| CVE-2023-22689 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions. | |||
| CVE-2023-1462 | high | 8.8 | 8.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 2… | |||
| CVE-2023-26314 | high | 8.8 | 8.8 | 3y ago | The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. | |||
| CVE-2023-0882 | high | 8.8 | 8.8 | 3y ago | Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse. This issue affects Single Connect: 2.16. | |||
| CVE-2023-24377 | high | 8.8 | 8.8 | 3y ago | Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.3 versions. | |||
| CVE-2023-47698 | high | 8.6 | 8.6 | 2y ago | Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japaniz… | |||
| CVE-2023-3270 | high | 8.6 | 8.6 | 3y ago | Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system. | |||
| CVE-2023-51355 | high | 8.2 | 8.2 | 2y ago | Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: f… | |||
| CVE-2023-49817 | high | 8.2 | 8.2 | 2y ago | Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocomme… | |||
| CVE-2023-48286 | high | 8.2 | 8.2 | 2y ago | Missing Authorization vulnerability in mra13 Stripe Payments stripe-payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stripe Payments: from n/a throu… | |||
| CVE-2023-51471 | high | 8.2 | 8.2 | 2y ago | Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Checkout Mestres WP: from n/a through 7.1… | |||
| CVE-2023-3271 | high | 8.2 | 8.2 | 3y ago | Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endp… | |||
| CVE-2023-25998 | high | 8.1 | 8.1 | 11mo ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Samex - Clean, Minimal Shop WooCommerce WordPress Theme allows PHP Lo… | |||
| CVE-2023-26005 | high | 8.1 | 8.1 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush allows PHP Local File Inclusion. This issue affects Fitrush: … | |||
| CVE-2023-25999 | high | 8.1 | 8.1 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme allows PHP Loca… | |||
| CVE-2023-41130 | high | 8.1 | 8.1 | 2y ago | Missing Authorization vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce User Ro… | |||
| CVE-2023-23649 | high | 8.1 | 8.1 | 2y ago | Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This issue affects MainWP Links Manager Extension: from n/a through 2.1. | |||
| CVE-2023-52180 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe … | |||
| CVE-2023-26525 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, E… | |||
| CVE-2023-30750 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordP… | |||
| CVE-2023-30495 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Ultimate Addons for Contact Form 7.This issue affects Ultimate Addons for Contact Form 7… | |||
| CVE-2023-49825 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affe… | |||
| CVE-2023-33330 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | |||
| CVE-2023-33209 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Tr… | |||
| CVE-2023-31092 | high | 8.1 | 8.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2. | |||
| CVE-2023-36520 | high | 8.1 | 8.1 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12. | |||
| CVE-2023-35876 | high | 8.1 | 8.1 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square.This issue affects WooCommerce Square: from n/a through 3.8.1. | |||
| CVE-2023-37867 | high | 8.1 | 8.1 | 3y ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plug… | |||
| CVE-2023-4379 | high | 8.1 | 8.1 | 3y ago | An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge req… | |||
| CVE-2023-33170 | high | 8.1 | 8.1 | 3y ago | RHSA-2023:4059: .NET 6.0 security, bug fix, and enhancement update (Important) | |||
| CVE-2023-33127 | high | 8.1 | 8.1 | 3y ago | .NET and Visual Studio Elevation of Privilege Vulnerability | |||
| CVE-2023-2885 | high | 8.1 | 8.1 | 3y ago | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM). This issue affects Chatbot: before Core:… | |||
| CVE-2023-0122 | high | — | 8.0 | — | A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Af… | |||
| CVE-2023-1894 | high | — | 8.0 | — | A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down… | |||
| CVE-2023-0118 | high | — | 8.0 | — | Important: Satellite 6.14 security and bug fix update | |||
| CVE-2023-0119 | high | — | 8.0 | — | Important: Satellite 6.14 security and bug fix update | |||
| CVE-2023-25012 | high | — | 8.0 | — | The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. | |||
| CVE-2023-27753 | high | 8.0 | 8.0 | 23d ago | An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file. | |||
| CVE-2023-49316 | high | — | 8.0 | 26d ago | Phpseclib needs guardrails on large binaryfield integers | |||
| CVE-2023-54035 | high | — | 8.0 | 5mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on ch… | |||
| CVE-2023-53125 | high | — | 8.0 | 8mo ago | In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket bu… | |||
| CVE-2023-53064 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: iavf: fix hang on reboot with ice When a system with E810 with existing VFs gets rebooted the following hang may be observed. P… | |||
| CVE-2023-53012 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to devic… | |||
| CVE-2023-43758 | high | — | 8.0 | 1y ago | RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2023-34440 | high | — | 8.0 | 1y ago | RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2023-52922 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff8881… | |||
| CVE-2023-52605 | high | — | 8.0 | 1y ago | RHSA-2024:7001: kernel-rt security update (Important) | |||
| CVE-2023-22458 | high | — | 8.0 | 1y ago | RHSA-2025:0595: redis:6 security update (Important) | |||
| CVE-2023-25155 | high | — | 8.0 | 1y ago | RHSA-2025:0595: redis:6 security update (Important) | |||
| CVE-2023-28856 | high | — | 8.0 | 1y ago | RHSA-2025:0595: redis:6 security update (Important) | |||
| CVE-2023-45145 | high | — | 8.0 | 2y ago | RHSA-2025:0595: redis:6 security update (Important) | |||
| CVE-2023-42950 | high | — | 8.0 | 2y ago | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously … | |||
| CVE-2023-52791 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. Howe… | |||
| CVE-2023-52811 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are al… | |||
| CVE-2023-52762 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size The following codes have an implicit conversion from size_t to u32: (u32… | |||
| CVE-2023-52662 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node When ida_alloc_max fails, resources allocated before should be freed, includi… | |||
| CVE-2023-52756 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2023-52878 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_s… | |||
| CVE-2023-52619 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd num… | |||
| CVE-2023-52622 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_si… | |||
| CVE-2023-52686 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory whic… | |||
| CVE-2023-52813 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_tes… | |||
| CVE-2023-52840 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees… | |||
| CVE-2023-42843 | high | — | 8.0 | 2y ago | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visit… | |||
| CVE-2023-52784 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been … | |||
| CVE-2023-52648 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held… | |||
| CVE-2023-54114 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong sk… | |||
| CVE-2023-42956 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. | |||
| CVE-2023-52775 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. … | |||
| CVE-2023-52615 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This triggers when t… | |||
| CVE-2023-53597 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exce… | |||
| CVE-2023-52560 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() When CONFIG_DAMON_VADDR_KUNIT_TEST=y and making CONFI… | |||
| CVE-2023-52464 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug … | |||
| CVE-2023-52834 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 ("net: alx: Work around the DMA RX o… |