MindsDB 访问控制错误漏洞

MindsDB is a joint query engine developed by MindsDB Corporation, designed specifically for AI agents and large language models. It can handle questions related to PB-level enterprise data. MindsDB versions 26.01 and earlier contained a access control vulnerability. This vulnerability stemmed fro...

Prefect 注入漏洞

Prefect is a workflow orchestration tool developed by Prefect OpenSource. It enables developers to build, monitor data pipelines, and respond to changes in those pipelines. Prefect versions 3.6.25.dev6 and earlier have a vulnerability due to an unknown feature in the GitRepository Pull Handler...

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability stems from an operation on the parameterFileName in the setUpgradeFW function of the POST Request Handler...

goshs 跨站请求伪造漏洞

Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs prior to 2.0.2 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of CSRF token verification in the PUT upload handler. Combined with the unconditional...

CodeCanyon Perfex CRM 授权问题漏洞

CodeCanyon Perfex CRM is a self-hosted customer relationship management software developed by CodeCanyon. Versions of CodeCanyon Perfex CRM 3.4.1 and earlier contained an authorization vulnerability. This vulnerability stemmed from the operation of the parameter ID in the function Clients::projec...

PT-2026-36745

Name of the Vulnerable Software and Affected Versions Totolink WA300 version 5.2cu.7112 B20190227 Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists within the UploadCustomModule function of the '/cgi-bin/cstecgi.cgi' endpoint when the...

PT-2026-36842

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

PT-2026-36931

Name of the Vulnerable Software and Affected Versions CodeCanyon Perfex CRM versions prior to 3.4.2 Description An authorization bypass exists in the Tenant Handler component within the Clients::project function of the application/controllers/Clients.php file. A remote attacker can exploit this b...

Astra Linux – Vulnerability in cups-filters

“cups-filters” contains backends, filters, and other software necessary to enable the “cups” printing service on operating systems other than macOS. If you use the “Backend Error Handler” beh to create an accessible network printer, this security vulnerability could lead to remote code execution...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer check in IRQ handler Now that all other accesses to currxfer are done under the lock, protect the currxfer NULL check in tegraqspiisrthread. Without this protection, the following race conditi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement a reference counter for SRB The timeout handler and the done function are competing with each other. When qla2x00asynciocbtimeout starts to execute, it may be preempted by the normal response path via the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The irdmanetevent function should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events are pointed to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: kprobes: The posthandler of aggrprobe is cleared in the case where kprobe-on-ftrace is used. In unregisterkprobetop, if the currently unregistered probe has a posthandler, but other child probes of aggrprobe do not have a...

Astra Linux – Vulnerability in Firefox

An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset the IH OVERFLOWCLEAR bit. This also allows us to detect subsequent IH ring buffer overflows...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: DCCP: Fixed out-of-bounds access in the DCCP error handler. There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only wanted to access the first 8...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: Disable the interrupt enable bit before calling devmrequestirq The customer reports a soft lockup issue related to the i2c driver. After checking, it was found that the i2c module was performing a transmission operatio...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: UVC: Prevent buffer overflow in setup handler The uvcfunctionsetup function allows control transfers with a payload of up to 64 bytes UVCMAXREQUESTSIZE. The data stage handler for OUT transfers uses memcpy to copy th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192eu: Fixed a deadlock in rtwjoinbsseventprehandle. There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure that the swevent hrtimer is properly destroyed. With the change to hrtimertrytocancel in perfswevent Cancelhrtimer, it appears possible for the hrtimer to still be active by the time the event is freed. Make sure tha...