DEBIAN-CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

PT-2026-26102

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.6 through 6.14 Description The Linux kernel contains an issue where the xchk xfile descr macros utilize kasprintf, which may fail to allocate memory if the resulting formatted string exceeds a certain length. This can...

EUVD-2008-4353

Malware in sbrugna...

LLMs in the SOC: an Empirical Study of Human-AI Collaboration in Security Operations Centres

The integration of Large Language Models LLMs into Security Operations Centres SOCs presents a transformative, yet still evolving, opportunity to reduce analyst workload through human-AI collaboration. However, their real-world application in SOCs remains underexplored. To address this gap, we...

These Guys Hacked AirPods to Give Their Grandmas Hearing Aids

Three technologists in India used a homemade Faraday cage and a microwave oven to get around Apple’s location blocks...

A history of ransomware: How did it get this far?

Today's ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted filenames a...

Input validation

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

Millions of Oklahoma Gov Files Exposed by Wide-Open Server

Millions of sensitive files on a storage server belonging to the Oklahoma Department of Securities were left exposed for a week – including credentials, internal docs and personal data stretching back decades. Researchers at UpGuard who discovered the data leak said that the publicly accessible...

齐博CMS视频系统 showsp.php和list.php 两处SQL注入漏洞

0x01漏洞描述 齐博CMS视频系统 showsp.php和list.php 两处SQL注入漏洞。 0x02漏洞详情 video/member/special.php elseif$job=='addsp' if$step==2 $yz=$groupdbPassContributeSP||$webadmin?1:0; $db-query"INSERT INTO $prespecial fid , title , keywords , style , template , picurl , content , aids ,uid , username , posttime , list,...

齐博视频系统 special.php 参数aids SQL注入漏洞

0x01漏洞简介 齐博视频最新版，漏洞文件:video/member/special.php 发布专题的地方 关键代码： elseif$job=='addsp' if$step==2 $yz=$groupdbPassContributeSP||$webadmin?1:0; $db-query"INSERT INTO $prespecial fid , title , keywords , style , template , picurl , content , aids ,uid , username , posttime , list, allowpost, yz, banner...

Joomla Joaktree Component 1.0 - SQL Injection Vulnerability

No description provided by source. / ! Joomla! Joaktree component SQL injection vulnerability ! Author : Don Tukulesto [email protected] ! Homepage : http://www.indonesiancoder.com ! Date : November 30, 2009 ! Tune In : http://antisecradio.fm choose your weapon / Software Information +...

Php168 v2008 special.php sql注入漏洞

PHP168整站是PHP领域当前功能最强大的建站系统,代码全部开源,可极其方便的进行二次开发,所有功能模块可以自由安装与删除,个人用户完全免费使用。 在文件member/ special.php中： elseif$job=="showiframe" //第126行 $rsdb=$db-getone"SELECT FROM $prespecial WHERE uid='$lfjuid' AND id='$id'"; …… if$act=="del"&&$aid //第155行 $detail=explode",",$rsdbaids; foreach $detail AS...

Joomla! Component Joaktree 1.0 - SQL Injection

/ ! Joomla! Joaktree component SQL injection vulnerability ! Author : Don Tukulesto [email protected] ! Homepage : http://www.indonesiancoder.com ! Date : November 30, 2009 ! Tune In : http://antisecradio.fm choose your weapon / Software Information + Developer : Niels van Dantzig + Downlo...

“Cocktail”therapy to deal with the variety of Trojan hybrid intrusion-vulnerability warning-the black bar safety net

Here is a quote of the“cocktail”therapy is a medical term, refers to the physician while using the a variety of anti-viral drugs to deal with AIDS. For a computer virus to a single tool in particular is very well-known tool is very easy to be viral as against the target without losing effect, it'...

CVE-2008-4372

Cross-site scripting XSS vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter...

CVE-2008-4371

SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter...