1176 matches found
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...
The vulnerability of the UpdateUsers method in the software for managing and monitoring remote objects in telemetry and telemechanics systems allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the UpdateUsers method in software for managing and monitoring remote objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of the UpdateGateways method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the UpdateGateways method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the...
A Security Framework for General Blockchain Layer 2 Protocols
Layer 2 (L2) solutions are the cornerstone of blockchain scalability, enabling high-throughput and low-cost interactions by shifting execution off-chain while maintaining security through interactions with the underlying ledger. Despite their common goals, the principal L2 paradigms -- payment...
PT-2025-29484 · Tecnick.Com · Tcpdf
The vulnerability in the TCPDF PHP library is related to flaws in the deserialization mechanism. Exploiting the vulnerability could allow a remote attacker to affect the integrity and availability of the protected information...
The vulnerability of the dev_map_delete_elem() function in the kernel/bpf/devmap.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the dev_map_delete_elem() function in the kernel/bpf/devmap.c module of the Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
The vulnerability of the rt5645_i2c_remove() function in the sound/soc/codecs/rt5645.c file, part of the Linux kernel’s SoC audio support, allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the rt5645_i2c_remove() function in the sound/soc/codecs/rt5645.c file, part of the Linux operating system’s SoC audio support, is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise t...
The vulnerability of the lpfc_initial_flogi() function in the drivers/scsi/lpfc/lpfc_els.c module of the SCSI device support driver for the Linux operating system allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the lpfc_initial_flogi() function in the drivers/scsi/lpfc/lpfc_els.c module of the Linux SCSI device driver is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of...
The vulnerability of the nft_unregister_flowtable_type() function in the include/net/netfilter/nf_tables.h module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the nft_unregister_flowtable_type() function in the include/net/netfilter/nf_tables.h module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of Google Chrome browsers, related to the use of memory after it has been freed, allows attackers to compromise the confidentiality, integrity, and availability of data.
The vulnerability of Google Chrome is related to the use of memory after it has been freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and availability of data through a specially crafted HTML page...
The vulnerability of the e_show() function in the fs/nfsd/export.c module of the Linux kernel’s Network File System support allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the e_show() function in the fs/nfsd/export.c module, which is part of the NFS network file system support in Linux kernels, is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module, part of the Linux kernel’s wireless adapter support, allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module, part of the wireless adapter support driver in the Linux operating system, is related to an out-of-bounds buffer read. Exploiting this vulnerability could allow an...
The vulnerability of Google Chrome browsers, related to the use of memory after it has been freed, allows attackers to compromise the confidentiality, integrity, and availability of data.
The vulnerability of Google Chrome is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of data...
The vulnerability of the do_name() function in the init/initramfs.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the do_name() function in the init/initramfs.c module of the Linux kernel is related to memory allocation beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the...
CVE-2024-10361
An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2, specifically within the /api/files endpoint. This vulnerability arises from improper input validation, allowing path traversal techniques to delete arbitrary files on the server. Attackers can exploit thi...
The vulnerability of the btrfs_force_cow_block() function in the fs/btrfs/ctree.c module of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the btrfs_force_cow_block() function in the fs/btrfs/ctree.c module of the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected...
The vulnerability of the Default Header Filtering component in the Apache Camel framework, which is related to insufficient registry checks, allows attackers to influence the integrity, availability, and confidentiality of the protected information.
The vulnerability of the Default Header Filtering component in the Java framework of Apache Camel is related to insufficient registration checks. Exploiting this vulnerability allows an attacker to influence the integrity, availability, and confidentiality of the protected information...
CVE-2025-27434
Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack. This could lead to a high impact on the confidentiality, integrity...
CVE-2025-27434
CVE-2025-27434 affects SAP Commerce (Swagger UI). The issue is caused by insufficient input validation, allowing an unauthenticated attacker to inject remote code and perform a cross-site scripting (XSS) attack, with high impact to confidentiality, integrity, and availability (CVSSv3.1: AV:N/AC:L...
PT-2025-10680 · Sap · Sap Commerce
Name of the Vulnerable Software and Affected Versions: SAP Commerce affected versions not specified Description: The issue is caused by insufficient input validation in SAP Commerce Swagger UI, allowing an unauthenticated attacker to inject malicious code from remote sources. This can be leverage...