Lucene search

1047 matches found

Cvelist
added 2026/02/04 4:8 p.m., 28 views

CVE-2026-23092 iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source. When simple_write_to_buffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

EPSS: 0.00186
Exploits: 0, References: 2

Debian CVE
added 2026/02/04 4:8 p.m., 3 views

CVE-2026-23092

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source. When simple_write_to_buffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

CVSS: 7.8, AI score: 6.7, EPSS: 0.00186
Exploits: 0

OSV
added 2026/02/04 4:8 p.m., 3 views

CVE-2026-23092 iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source. When simple_write_to_buffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

CVSS: 7.8, AI score: 5.5, EPSS: 0.00186
Exploits: 0, References: 5

GithubExploit
added 2026/02/02 10:32 p.m., 261 views

Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

ExploitAtlas A full-stack Rust application for CVE intelligen...

CVSS: 10, AI score: 8.2, EPSS: 0.99999
Exploits: 346

Redos
added 2026/01/29 12:0 a.m., 6 views

ROS-20260129-73-0051

A vulnerability in the Request Handling component of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the lack of validation of the data or message source. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00156
Exploits: 0

Circl
added 2026/01/28 12:52 a.m., 5 views

CVE-2026-24836

creationtimestamp | type | source
---|---|---
2026-01-28 00:52:20+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2nj27qg2m
2026-01-28 01:41:36+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdh5fn33kj2c...

CVSS: 7.6, AI score: 4.8, EPSS: 0.00226
Exploits: 0, References: 2

AlmaLinux
added 2026/01/28 12:0 a.m., 4 views

Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption v...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00451
Exploits: 2, References: 4

OSV
added 2026/01/27 12:57 a.m., 4 views

GHSA-J49H-6577-5XWQ gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

Unbounded TLV length in ReadFile can cause Denial of Service Summary A Denial of Service vulnerability was identified in ReadFile where unbounded TLV length values could lead to excessive CPU and memory usage when processing data from a malicious or non-compliant NFC source. This issue has been...

CVSS: 5.9, AI score: 5.9, EPSS: 0.00265
Exploits: 0, References: 5

Circl
added 2026/01/26 4:58 p.m., 3 views

CVE-2025-69559

creationtimestamp | type | source
---|---|---
2026-01-26 16:58:49+00:00 | seen | https://gist.github.com/lih28984-commits/cd3a275dfd9c92a79b6a4a0e8801f4fa...

CVSS: 9.8, AI score: 5.8, EPSS: 0.005
Exploits: 1, References: 1

Circl
added 2026/01/20 4:30 p.m., 4 views

CVE-2025-58090

creationtimestamp | type | source
---|---|---
2026-01-20 16:30:40+00:00 | seen | https://infosec.place/objects/86c1cfe3-6826-4fb9-8bab-2163ea39c0ed...

CVSS: 6.1, AI score: 5, EPSS: 0.00229
Exploits: 1, References: 1

Circl
added 2026/01/20 6:38 a.m., 3 views

CVE-2025-14798

creationtimestamp | type | source
---|---|---
2026-01-20 06:38:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mctkap453m2i...

CVSS: 5.3, AI score: 5, EPSS: 0.00246
Exploits: 0, References: 1

CVE
added 2026/01/19 8:36 a.m., 17 views

CVE-2025-29847

CVE-2025-29847 (Apache Linkis) : A vulnerability in Apache Linkis where, when using the JDBC engine and data source, multiple URL-encoded parameters on the frontend can bypass checks and allow unauthorized access to system files via JDBC parameters. Affected versions: 1.3.0–1.7.0. Impact: potenti...

CVSS: 7.5, AI score: 5.6, EPSS: 0.00744
Exploits: 0, References: 2, Affected Software: 1

RedhatCVE
added 2026/01/17 12:23 a.m., 7 views

CVE-2025-68924

In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL aka Webservice URL as a data source for remote code execution...

CVSS: 7.5, AI score: 7.5, EPSS: 0.00681
Exploits: 0, References: 1

CVE
added 2026/01/16 12:0 a.m., 9 views

CVE-2025-68924

CVE-2025-68924 affects UmbracoForms up to version 8.13.16. An authenticated attacker can specify a malicious WSDL URL as a Webservice data source, enabling remote code execution via dynamic SOAP client generation. The root cause is untrusted WSDL processing in the Webservice data source. Impact i...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00681
Exploits: 0, References: 3, Affected Software: 1

Positive Technologies
added 2026/01/16 12:0 a.m., 6 views

PT-2026-3273

In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL aka Webservice URL as a data source for remote code execution...

CVSS: 7.5, AI score: 8, EPSS: 0.00681
Exploits: 0, References: 4

Snyk
added 2026/01/13 7:54 p.m., 4 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview UmbracoForms is a tool that makes creating contact forms, entry forms and questionnaires just as easy as using Word. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the dynamic SOAP client generation...

CVSS: 9.9, AI score: 7.6, EPSS: 0.00681
Exploits: 0, References: 5

OSV
added 2026/01/13 7:54 p.m., 3 views

GHSA-VRGW-PC9C-QRRC UmbracoForms Vulnerable to Remote Code Execution via Untrusted WSDL Compilation in Dynamic SOAP Client Generation

Impact Within Umbraco Forms, configuring a malicious URL on the Webservice data source can result in Remote Code Execution. This affects all Umbraco Forms versions running on .NET Framework up to and including version 8. Patches The affected Umbraco Forms versions are all End-of-Life EOL and not...

CVSS: 9.9, AI score: 7.2, EPSS: 0.00681
Exploits: 0, References: 6

Circl
added 2026/01/12 6:14 a.m., 5 views

CVE-2025-69274

creationtimestamp | type | source
---|---|---
2026-01-12 06:14:15+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mc7f6gihuv2e
2026-01-12 08:28:43+00:00 | seen | https://gist.github.com/Darkcrai86/f0f6df139dd354963017b94c3867a324...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00239
Exploits: 0, References: 2

RedhatCVE
added 2026/01/09 12:36 p.m., 4 views

CVE-2023-49566

In Apache Linkis =1.5.0, due to the lack of effective filtering of parameters, an attacker configuring malicious db2 parameters in the DataSource Manager Module will result in jndi injection. Therefore, the parameters in the DB2 URL should be blacklisted. This attack requires the attacker to obta...

CVSS: 8.8, AI score: 6.8, EPSS: 0.00845
Exploits: 0, References: 1

RedhatCVE
added 2026/01/09 11:29 a.m., 6 views

CVE-2021-27644

In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. Only applicable to MySQL data source with internal login account password...

CVSS: 8.8, AI score: 7.8, EPSS: 0.01861
Exploits: 0, References: 1