Security update for kernel-livepatch-MICRO-6-0_Update_6

This update for kernel-livepatch-MICRO-6-0Update6 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...

EUVD-2018-17072

Malware in sbrugna...

EUVD-2019-5467

Malware in sbrugna...

EUVD-2017-9965

Malware in sbrugna...

EUVD-2023-1492

Malicious code in bioql PyPI...

EUVD-2024-31949

Malicious code in bioql PyPI...

EUVD-2025-29107

Malicious code in bioql PyPI...

EUVD-2024-2499

Malicious code in bioql PyPI...

EUVD-2023-2228

Malicious code in bioql PyPI...

EUVD-2022-30077

Malicious code in bioql PyPI...

CVE-2025-10389

A security flaw has been discovered in CRMEB up to 5.6.1. Impacted is the function Save of the file app/services/system/admin/SystemAdminServices.php of the component Administrator Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack may be...

CVE-2025-10389

A security flaw has been discovered in CRMEB up to 5.6.1. Impacted is the function Save of the file app/services/system/admin/SystemAdminServices.php of the component Administrator Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack may be...

CVE-2025-10389 CRMEB Administrator Password SystemAdminServices.php save improper authorization

A security flaw has been discovered in CRMEB up to 5.6.1. Impacted is the function Save of the file app/services/system/admin/SystemAdminServices.php of the component Administrator Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack may be...

CVE-2025-10389

CVE-2025-10389 affects CRMEB up to version 5.6.1. The vulnerability is in the Save function of app/services/system/admin/SystemAdminServices.php (Administrator Password Handler). Manipulating the ID argument can lead to improper authorization, with remote exploitation possible. Multiple sources c...

PT-2025-37399

Name of the Vulnerable Software and Affected Versions: CRMEB versions up to 5.6.1 Description: A security flaw exists in CRMEB due to improper authorization when manipulating the ID argument within the Save function of the app/services/system/admin/SystemAdminServices.php file, specifically in th...

CRMEB 授权问题漏洞

CRMEB is a Java mall system of CRMEB open source. An authorization issue vulnerability exists in CRMEB 5.6.1 and earlier versions, which stems from incorrect manipulation of the parameter ID of the component Administrator Password Handler in the file...

CVE-2025-50757

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the setsysadm function via the username parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-8402 Nil pointer dereference in bulk import crashes server

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.0, 10.9.x = 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature...

CVE-2025-8925

A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

CVE-2025-8972 itsourcecode Online Tour and Travel Management System page-login.php sql injection

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...