CVE-2026-23433

A flaw was found in the Linux kernel's armmpam component. A local user with privileges to manage hardware components could trigger a null pointer dereference when a Memory System Controller MSC supporting memory bandwidth monitoring is brought offline and then online. This vulnerability, occurrin...

CVE-2026-23464

A flaw was found in the Linux kernel, specifically within the Microchip PolarFire SoC System-on-Chip system controller driver. When the mpfssyscontrollerprobe function fails to initialize a device, it does not properly release allocated memory. This memory leak can accumulate over time, potential...

PT-2026-30158

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfs sys controller probe In mpfs sys controller probe, if of get mtd device by node fails, the function returns immediately without freeing the allocated memory for sys controller, leadin...

CVE-2026-28253

CVE-2026-28253 affects Trane Tracer SC, Tracer SC+, and Tracer Concierge with a Memory Allocation with Excessive Size Value vulnerability that could allow an unauthenticated attacker to cause a denial-of-service. The issue is described in public sources (NVD/CVE records) with a CVSS 4.0 base scor...

CVE-2025-66736

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The importUsers function in SysUserController.java does not perform a permission check on the current user's identity, which may allow regular users to import user data into the database, resulting in an authorization bypass...

CVE-2025-14909 JeecgBoot SysUserOnlineController.java SysUserOnlineController user session

A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to mana...

CVE-2025-37141

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

EUVD-2022-24896

Malicious code in bioql PyPI...

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS 20250504 and earlier versions, which originates from improper access control in the function filedeal in the file /systemController/filedeal.do...

PT-2025-14828 · Ruoyi-Ai · Ruoyi-Ai

Name of the Vulnerable Software and Affected Versions: ageerle ruoyi-ai versions 2.0.1 and earlier Description: A critical issue affects an unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java in the component's API...

CVE-2024-53134 pmdomain: imx93-blk-ctrl: correct remove path

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i onecelldata.numdomains', not 'bc-onecelldata.numdomains' which will make the look never finish and cause kernel panic. Also disable runtime to address...

UBUNTU-CVE-2023-52467

In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in ofsysconregister kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...

Johnson Controls FRICK Quantum HD Unity System Controller Security Vulnerability

Johnson Controls FRICK Quantum HD Unity System Controller is an easy-to-use centralized control system from Johnson Controls, Inc. A security vulnerability exists in the Johnson Controls FRICK Quantum HD Unity System Controller that originates from allowing an unauthorized attacker to access...

ABB Pulsar Plus Controller

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Pulsar Plus Controller Vulnerabilities: Use of Insufficiently Random Values, Cross-Site Request Forgery CSRF 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

CVE-2022-26080 Easily guessable session ID's in NE843 Pulsar Plus Controller

Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G4612 – comcode 150047415...

Pulsar Plus System Controller 安全特征问题漏洞

Pulsar Plus System Controller is a Pulsar Plus series controller. A security vulnerability exists in the ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant, which stems from the presence of an Insufficient Use of Random Values vulnerability. The following products and versions...

PT-2023-2102 · Abb · Abb Infinity Dc Power Plant +1

Name of the Vulnerable Software and Affected Versions: ABB Pulsar Plus System Controller NE843 S ABB Infinity DC Power Plant H5692448 G104 ABB Infinity DC Power Plant H5692448 G842 ABB Infinity DC Power Plant H5692448 G224L ABB Infinity DC Power Plant H5692448 G630-4 ABB Infinity DC Power Plant...

CVE-2022-1607

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...