ALGO 8180 IP Audio Alerter: Operating System Command Injection Vulnerability
ALGO 8180 IP Audio Alerter is an IP speaker developed by ALGO Corporation. The ALGO 8180 IP Audio Alerter has a vulnerability related to operating system command injection. This vulnerability stems from a lack of validation for user input strings in the SAC module, which may lead to remote code...
Siemens SIMATIC S7-1500 Improper Authentication (CVE-2022-28321)
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a...
EUVD-2008-1731
Malware in sbrugna...
Ubuntu: Security Advisory (USN-7761-1)
The remote host is missing an update for the...
CVE-2025-57758
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
CVE-2025-57758 Contao has improper access control in the back end voters
Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/hns module potentially double destroying rsv_qp in the wrong path...
CVE-2024-54122
Concurrent variable access vulnerability in the ability module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2022-49444
In the Linux kernel, the following vulnerability has been resolved: module: fix [e_shstrndx].sh_size=0 OOB access. It is trivial to craft a module to trigger OOB access in this line: if (info->secstrings[strhdr->sh_size - 1] != '\0') BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...
MediaTek Chipsets buffer error vulnerability
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation. A buffer error vulnerability exists in MediaTek Chipsets, which stems from the DA module containing a missing bounds-checking issue that could lead to out-of-bounds reads...
MediaTek Chipsets buffer error vulnerability
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation. A buffer error vulnerability exists in MediaTek Chipsets, which stems from the V6 DA module containing a missing bounds-checking issue that could lead to out-of-bounds writes...
MediaTek Chipsets security vulnerability
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation. A security vulnerability exists in MediaTek Chipsets, which stems from an uninitialized data issue contained in the DA module that could result in reading uninitialized heap data...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/hns module accessing an invalid dip_ctx pointer when destroying a QP. This could lead to a system...
CVE-2024-56434
UAF vulnerability in the device node access module. Impact: Successful exploitation of this vulnerability may cause service exceptions of the device...
MediaTek chips security vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from an incorrect state checking issue in the DA module, which may allow privilege bypass...
PT-2023-15051 · Armember · Armember
Name of the Vulnerable Software and Affected Versions: ARMember versions 3.4.11 and earlier. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
Drupal access bypass vulnerability
In Drupal 8.4.x versions before 8.4.5, when using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node...
Interlogix Hills ComNav encryption issue vulnerability
Interlogix Hills ComNav is a remote access integration module for the Hills Reliance Security Alert System from Interlogix Australia. An encryption issue vulnerability exists in Interlogix Hills ComNav, which allows an attacker to view configuration page traffic across a local network...
Interlogix Hills ComNav security vulnerability
Interlogix Hills ComNav is a remote access integration module for the Hills Reliance Security Alert System from Interlogix Australia. A security vulnerability exists in Interlogix Hills ComNav that allows a local attacker to brute-force break credentials...
PT-2022-4982 · Linux Pam +2 · Linux-Pam +2
Name of the Vulnerable Software and Affected Versions: Linux-PAM versions prior to 1.5.2-6.1. Description: The issue is related to the pam_access.so module of the Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS...