CVE-2026-53674

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

CVE-2026-53674 BuddyPress 14.4.0 REGEXP Injection via @Mention Username Resolution

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...

CVE-2026-53674

CVE-2026-53674 affects BuddyPress 14.4.0. A regular expression injection in the activity mention resolver occurs when username compatibility mode is enabled, allowing an attacker to craft @mentions with regex metacharacters that pass esc_sql and are inserted into an unprepared REGEXP query on the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed a memory leak in compatinsnlist. compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl function when CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn...

GHSA-442J-39WM-28R2 Handlebars.js has a Property Access Validation Bypass in container.lookup

Summary In lib/handlebars/runtime.js, the container.lookup function uses container.lookupProperty as a gate check to enforce prototype-access controls, but then discards the validated result and performs a second, unguarded property access depthsiname. This Time-of-Check Time-of-Use TOCTOU patter...

EUVD-2006-7182

Malware in sbrugna...

EUVD-2017-9338

Malware in sbrugna...

EUVD-2020-25296

Malware in sbrugna...

CVE-2025-7705 Authentication bypass due to compatibility mode enabled by default

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...

CVE-2025-7705 Authentication bypass due to compatibility mode enabled by default

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...

CVE-2025-7705

CVE-2025-7705 affects ABB Switch Actuator 4 DU-83330 and ABB Switch actuator, door/light 4 DU-83330-500, all versions. The issue is described as an Active Debug Code vulnerability. The PT-2025-30398 entry confirms the vulnerable components and versions and states there is no information about a f...

SUSE CVE-2022-49520

In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESRELx for a bad syscall If a compat process tries to execute an unknown system call above the ARMNRCOMPATEND number, the kernel sends a SIGILL signal to the offending process...

SUSE CVE-2022-49629

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49629 nexthop: Fix data-races around nexthop_compat_mode.

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Thus, we need to add READONCE to its readers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to symbolically expand an old ftruncate function system call using a 32-bit offt when called in...

SUSE CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...

DEBIAN-CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...

The vulnerability of the DCH-compatible Thunderbolt driver relates to incorrect elimination of special elements in the output data, allowing attackers to increase their privileges.

The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to increase their privileges...

SUSE CVE-2006-7203

The compatsysmount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service NULL pointer dereference and oops by mounting a smbfs file system in compatibility mode "mount -t smbfs"...

SUSE CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...