2877 matches found

CNNVD
added 2025/04/24 12:0 a.m., 0 views

Johnson Controls iSTAR Configuration Utility Security Vulnerability

The Johnson Controls iSTAR Configuration Utility is a software tool for configuring and managing iSTAR Controllers from Johnson Controls, Inc. A security vulnerability exists in the Johnson Controls iSTAR Configuration Utility that originates from a buffer overflow issue...

CVSS 9.3, AI score 7.1, EPSS 0.00476
Exploits: 0, References: 2

OSV
added 2025/04/23 4:18 p.m., 13 views

USN-7453-1 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVSS 7.8, AI score 6.5, EPSS 0.03558
Exploits: 5, References: 462

OSV
added 2025/04/23 3:29 p.m., 8 views

USN-7452-1 linux-gcp-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVSS 7.8, AI score 6.5, EPSS 0.03558
Exploits: 5, References: 461

OSV
added 2025/04/23 2:50 p.m., 8 views

USN-7450-1 linux-gcp, linux-gke, linux-gkeop vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVSS 7.8, AI score 6.5, EPSS 0.03558
Exploits: 5, References: 461

OSV
added 2025/04/23 2:20 p.m., 18 views

USN-7449-1 linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVSS 7.8, AI score 6.5, EPSS 0.03558
Exploits: 5, References: 462

Tenable Nessus
added 2025/04/23 12:0 a.m., 24 views

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7450-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7450-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVSS 7.8, AI score 7.6, EPSS 0.03558
Exploits: 5, References: 458

Citrix
added 2025/04/21 12:0 a.m., 7 views

Citrix Virtual Apps and Desktops: Issues with Monitor Service after upgrade to 2402 CU2

Environment has been upgraded to 2402 CU2 version. When admin invokes a cmdlet: Get-MonitorConfiguration, the error is displayed: A database operation failed and could not be recovered : Reason ? Not all Delivery Controllers are affected and cmdlet returns actual configuration on some of the...

AI score 6.6
Exploits: 0

CISA
added 2025/04/17 12:0 p.m., 3 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio ICSA-25-107-02 Schneider Electric...

AI score 7
Exploits: 0, References: 6

Packet Storm News
added 2025/04/17 12:0 a.m., 3 views

CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet

This fact sheet addresses key elements for operational technology (OT) owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers (PLCs), human-machine interfaces (HMIs), and remote terminal units (RTUs). CISA strongly advises...

AI score 6.8
Exploits: 0

BDU FSTEC
added 2025/04/14 12:0 a.m., 3 views

The vulnerability of the ufshcd_set_dma_mask() function in the drivers/ufs/core/ufshcd.c module affects UFS-host controllers in Linux operating systems. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ufshcd_set_dma_mask() function in the drivers/ufs/core/ufshcd.c module affects UFS-host controllers. In Linux operating systems, this vulnerability is related to the reallocation of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the...

CVSS 7.8, AI score 6.8, EPSS 0.00206
Exploits: 0, References: 10, Affected Software: 4

Citrix
added 2025/04/12 12:0 a.m., 8 views

CVAD LVDA - How to update list of Controllers on a Linux VDA

Instructions to update the list of Controllers on a Linux VDA...

AI score 7
Exploits: 0

Exploit DB
added 2025/04/11 12:0 a.m., 237 views

ABB Cylon FLXeon 9.3.4 - Cross-Site Request Forgery

Exploit title: ABB Cylon FLXeon 9.3.4 Limited Cross-Site Request Forgery Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...

AI score 7.4
Exploits: 0

Exploit DB
added 2025/04/11 12:0 a.m., 324 views

ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure

Exploit Title: ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...

CVSS 9.4, AI score 7, EPSS 0.02353
Exploits: 7

NVD
added 2025/04/09 4:15 p.m., 15 views

CVE-2025-29390

jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the setpassword function in application/controllers/home.php...

CVSS 8.8, EPSS 0.00373
Exploits: 1, References: 2

Cvelist
added 2025/04/09 12:0 a.m., 8 views

CVE-2025-29390

jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the setpassword function in application/controllers/home.php...

EPSS 0.00373
Exploits: 1, References: 2

Vulnrichment
added 2025/04/09 12:0 a.m., 8 views

CVE-2025-29390

jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the setpassword function in application/controllers/home.php...

AI score 7.6, EPSS 0.00373
Exploits: 1, References: 2

RedhatCVE
added 2025/04/05 12:23 a.m., 13 views

CVE-2024-22611

OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\CPharmacy.class.php and \openemr\controller.php...

CVSS 9.8, AI score 8.5, EPSS 0.04578
Exploits: 1, References: 1

OSV
added 2025/04/02 2:15 p.m., 14 views

USN-7407-1 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

CVSS 8.1, AI score 6.5, EPSS 0.03558
Exploits: 3, References: 256

OSV
added 2025/04/01 5:3 p.m., 13 views

USN-7392-3 linux-aws vulnerabilities

Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system...

CVSS 7.8, AI score 6.7, EPSS 0.03558
Exploits: 1, References: 155

Tenable Nessus
added 2025/04/01 12:0 a.m., 22 views

Ubuntu 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-7381-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7381-1 advisory. Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

CVSS 8.1, AI score 7.9, EPSS 0.00737
Exploits: 3, References: 306