184 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add(). syzbot reported the following general protection fault 1: General protection fault, likely for a non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...

CVSS 5.5 | AI score 6.5 | EPSS 0.0002
Exploits: 0 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m., 1 view

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 6
Exploits: 0 | References: 1

EUVD
added 2026/05/19 12:59 p.m., 4 views

EUVD-2026-30932

Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows a Denial of Service (DoS) attack to be executed by sending a specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability,...

CVSS 8.7 | AI score 5.8 | EPSS 0.00047
Exploits: 3 | References: 4

EUVD
added 2026/05/19 12:59 p.m., 4 views

EUVD-2026-30931

Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication. The vendor was notified early about this vulnerability, but...

CVSS 9.3 | AI score 6 | EPSS 0.00209
Exploits: 3 | References: 4

EUVD
added 2026/05/19 12:59 p.m., 4 views

EUVD-2026-30927

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...

CVSS 8.7 | AI score 6 | EPSS 0.00046
Exploits: 2 | References: 4

Cvelist
added 2026/05/19 12:59 p.m., 34 views

CVE-2026-42096 Broken Access Control in Sparx Pro Cloud Server

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...

CVSS 8.7 | EPSS 0.00046
Exploits: 2 | References: 4

Positive Technologies
added 2026/05/19 12:0 a.m., 7 views

PT-2026-41893

Name of the Vulnerable Software and Affected Versions: Sparx Pro Cloud Server versions 6.1 build 167 and earlier. Description: Authentication is required based on the requested URL. An attacker can bypass this check by omitting the model query parameter and providing the model name only within the...

CVSS 9.3 | AI score 5.9 | EPSS 0.00209
Exploits: 2 | References: 9

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Smack: TCP/IPv4; fixed incorrect labeling. Currently, Smack mirrors the label of incoming TCP/IPv4 connections. When a connection with label “foo” connects to a connection with label “bar” via TCP/IPv4, “foo” always receives the...

CVSS 8.8 | AI score 6.7 | EPSS 0.00408
Exploits: 0 | References: 2

CNNVD
added 2026/02/03 12:0 a.m., 3 views

KeepSolid VPN Unlimited code issue vulnerability

KeepSolid VPN Unlimited is a VPN proxy software developed by the American company KeepSolid. Version 6.1 of KeepSolid VPN Unlimited contains a code vulnerability. This vulnerability stems from an unquoted service path vulnerability. Attackers can exploit this vulnerability by replacing the servic...

CVSS 8.5 | AI score 5.9 | EPSS 0.00017
Exploits: 0 | References: 3

Cvelist
added 2025/11/14 12:0 a.m., 3 views

CVE-2025-54346

A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack a user’s browser, capturing sensitive information...

EPSS 0.00051
Exploits: 0 | References: 2

CNNVD
added 2025/10/28 12:0 a.m., 2 views

IBM DB2 High Performance Unload security vulnerability

IBM DB2 High Performance Unload is a database data export program from International Business Machines (IBM). A security vulnerability exists in IBM DB2 High Performance Unload, which stems from a buffer size calculation error that could cause the program to crash. The following versions are...

CVSS 6.5 | AI score 6.7 | EPSS 0.00041
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2014-1357

Malware in sbrugna...

CVSS 2.1 | AI score 6.3 | EPSS 0.00056
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2000-0749

Malware in sbrugna...

CVSS 2.1 | AI score 6.4 | EPSS 0.00244
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2017-1531

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.0086
Exploits: 3 | References: 4

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-33702

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.00204
Exploits: 1 | References: 1

Positive Technologies
added 2025/09/18 12:0 a.m., 1 view

PT-2025-38446

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc5+ 82. Description: A use-after-free (UAF) issue exists in the CIFS implementation of the Linux kernel. Specifically, the issue occurs when destroying the Message Response (MR) list. If MR allocation fails, the...

AI score 6.3 | EPSS 0.00018
Exploits: 0 | References: 9

RedhatCVE
added 2025/05/23 1:11 a.m., 5 views

CVE-2022-1019

Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malicious file...

CVSS 6.1 | AI score 6.7 | EPSS 0.00188
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:12 p.m., 4 views

CVE-2022-36605

Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter...

CVSS 9.8 | AI score 8.3 | EPSS 0.0031
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 1:2 p.m., 3 views

CVE-2018-11679

An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability that can add an article via /index.php?case=table=add=archivedir=admin...

CVSS 8.8 | AI score 7 | EPSS 0.00138
Exploits: 1 | References: 1

Redos
added 2025/05/13 12:0 a.m., 2 views

ROS-2-138

2.138 Notification on updating of the Anti-Malware Protection System "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need t...

AI score 7
Exploits: 0