100 matches found
SUSE-SU-2026:2450-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: Add workaround for Cortex-A76 erratum 1286807 bsc1266290. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. - CVE-2025-68822: Input: alps -...
openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20912-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20912-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585:...
Phoenix Contact多款产品 信息泄露漏洞
Phoenix Contact CHARX SEC-3150, among others, are AC charging controllers produced by the German company Phoenix Contact. Several products from Phoenix Contact have vulnerabilities related to information leakage. These vulnerabilities stem from the ability of unauthorized, unauthenticated attacke...
CVE-2026-3150
creationtimestamp| type| source ---|---|--- 2026-02-25 05:27:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfnx3ohr4r2o 2026-07-09 01:15:49+00:00| seen| https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities20260702...
Phoenix Contact CHARX SEC-3150 代码注入漏洞
The Phoenix Contact CHARX SEC-3150 is an AC charge controller from Phoenix Contact, Germany. The Phoenix Contact CHARX SEC-3150 suffers from a code injection vulnerability that originates from a low-privileged remote attacker who can perform command injection by changing the system configuration...
(Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP service. The issue result...
(Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration service, which listens on TCP port 500...
(Pwn2Own) Phoenix Contact CHARX SEC-3150 Origin Validation Error Firewall Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass firewall rules and access another interface on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of firewa...
PHOENIX CONTACT多款产品 操作系统命令注入漏洞
PHOENIX CONTACT CHARX SEC-3050 and others are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller.PHOENIX CONTACT CHARX SEC-3100 is an AC PHOENIX CONTACT CHARX SEC-3150 is an AC charge controller. An operating system command injection vulnerability exist...
CVE-2022-3150
The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin...
CVE-2021-3150
A cross-site scripting XSS vulnerability on the Delete Personal Data page in Cryptshare Server before 4.8.0 allows an attacker to inject arbitrary web script or HTML via the user name. The issue is fixed with the version 4.8.1...
CVE-2025-3150
A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-3150
creationtimestamp| type| source ---|---|--- 2025-04-03 07:34:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10171 2025-04-03 11:03:13+00:00| seen| https://t.me/cvedetector/21956...
CVE-2025-3150 itning Student Homework Management System cross-site request forgery
A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...
CVE-2025-3150 itning Student Homework Management System cross-site request forgery
A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...
CVE-2024-3150
creationtimestamp| type| source ---|---|--- 2025-01-09 22:15:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1099...
PHOENIX CONTACT CHARX SEC 安全漏洞
PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in the PHOENIX CONTACT CHARX SEC. An attacker could exploit the vulnerability to change the device configuration. The following products are affected: CHARX SEC-3000, CHAR...
CVE-2024-3150 Privilege Escalation in mintplex-labs/anything-llm
In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows users with Default or Manager roles to escalate their privileges to Administrator. The issue arises from improper input validation when handling HTTP POST requests to the endpoint...
CVE-2024-3150
In mintplex-labs/anything-llm, a vulnerability exists in the thread update flow where HTTP POSTs to /workspace/:slug/thread/:threadSlug/update incorrectly validate user input before passing data to the workspace_thread Prisma model. This flaw enables users with Default or Manager roles to craft a...
SUSE CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...