
4200 matches found

Tenable Nessus
added 2025/03/18 12:0 a.m. · 216 views

PHP 8.2.x < 8.2.28 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...

CVSS 9.8 · AI score 6.4 · EPSS 0.0079
Exploits 2 · References 6

Microsoft CVE
added 2025/03/13 7:0 a.m. · 3 views

net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic()

...

CVSS 5.5 · AI score 7.4 · EPSS 0.00202
Exploits 0

Positive Technologies
added 2025/03/12 12:0 a.m. · 5 views

PT-2025-16811 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

CVSS 9 · AI score 7.5 · EPSS 0.00648
Exploits 0 · References 6

Positive Technologies
added 2025/03/12 12:0 a.m. · 4 views

PT-2025-16812 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

CVSS 9 · AI score 7.5 · EPSS 0.00648
Exploits 0 · References 6

Positive Technologies
added 2025/03/04 12:0 a.m. · 3 views

PT-2025-16810 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: A SQL injection vulnerability has been identified in the affected application through the internally used RestoreFromBackup method. This could allow an authenticated remote...

CVSS 9 · AI score 7.4 · EPSS 0.00712
Exploits 0 · References 7

Tenable Nessus
added 2025/03/04 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2019-12529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the...

CVSS 5.9 · AI score 6 · EPSS 0.08092
Exploits 0 · References 2

OSV
added 2025/03/03 1:15 a.m. · 3 views

CVE-2025-25951

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information...

CVSS 7.5 · AI score 5.8 · EPSS 0.0041
Exploits 0 · References 3

CNNVD
added 2025/03/03 12:0 a.m. · 5 views

Serosoft Solutions Academia Student Information System EagleR Security Vulnerability

Serosoft Solutions Academia Student Information System EagleR is a student information system from Serosoft Solutions, India. A security vulnerability exists in Serosoft Solutions Academia Student Information System EagleR v1.0.118, which originates in the /rest/cb/executeBasicSearch component...

CVSS 7.5 · AI score 6.3 · EPSS 0.0041
Exploits 0 · References 2

Positive Technologies
added 2025/03/03 12:0 a.m. · 8 views

PT-2025-9241

Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description An information disclosure issue in the /rest/cb/executeBasicSearch component allows attackers to access sensitive user information...

CVSS 7.5 · AI score 6 · EPSS 0.0041
Exploits 0 · References 10

OSV
added 2025/02/28 4:0 p.m. · 2 views

MAL-2025-1573 Malicious code in basic-data-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1226e5e77825d2e5d196dbb1155230067191bfad4c3777ba65b50ab5a95dc9e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 3

OSSF Malicious Packages
added 2025/02/28 4:0 p.m. · 7 views

Malicious code in basic-data-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1226e5e77825d2e5d196dbb1155230067191bfad4c3777ba65b50ab5a95dc9e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 3

RedhatCVE
added 2025/02/28 12:24 p.m. · 13 views

CVE-2024-47053

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any authenticated use...

CVSS 7.7 · AI score 6.4 · EPSS 0.00681
Exploits 0 · References 5

SUSE CVE
added 2025/02/27 3:5 a.m. · 2 views

SUSE CVE-2022-49533

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver. The scan_req_params...

CVSS 5.5 · AI score 7.1 · EPSS 0.00258
Exploits 0 · References 5

Snyk
added 2025/02/26 8:8 p.m. · 3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the Reporting API. An attacker can gain unauthorized access to sensitive report data by exploiting the flawed HTTP Basic Authentication implementation. Note: This is only exploitable if the API is enabled and...

CVSS 7.7 · AI score 7 · EPSS 0.00681
Exploits 0 · References 2

NVD
added 2025/02/26 1:15 p.m. · 10 views

CVE-2024-47053

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any authenticated use...

CVSS 7.7 · EPSS 0.00681
Exploits 0 · References 3

Cvelist
added 2025/02/26 11:54 a.m. · 35 views

CVE-2024-47053 Improper Authorization in Reporting API

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report data. Improper Authorization: An authorization flaw exists in Mautic's API Authorization implementation. Any authenticated use...

CVSS 7.7 · EPSS 0.00681
Exploits 0 · References 3

CVE
added 2025/02/26 11:54 a.m. · 136 views

CVE-2024-47053

CVE-2024-47053 concerns an authorization flaw in Mautic’s API. Any authenticated user can access all reports and their data via the API, bypassing permissions intended to restrict access to non-system reports (e.g., View Own/View Others). The vulnerability arises from Mautic’s HTTP Basic Authenti...

CVSS 7.7 · AI score 7.4 · EPSS 0.00681
Exploits 0 · References 3 · Affected Software 1

NVD
added 2025/02/26 7:1 a.m. · 10 views

CVE-2022-49521

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp If no handler is found in lpfc_complete_unsol_iocb to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discardin...

CVSS 5.5 · EPSS 0.00246
Exploits 0 · References 5

OSV
added 2025/02/26 7:1 a.m. · 2 views

UBUNTU-CVE-2022-49533

In the Linux kernel, the following vulnerability has been resolved: ath11k: Change max no of active probe SSID and BSSID to fw capability The maximum number of SSIDs in a for active probe requests is currently reported as 16 (WLAN_SCAN_PARAMS_MAX_SSID) when registering the driver. The scan_req_params...

CVSS 5.5 · AI score 6.7 · EPSS 0.00258
Exploits 0 · References 6

CVE
added 2025/02/26 2:13 a.m. · 93 views

CVE-2022-49521

In CVE-2022-49521, the Linux kernel vulnerability affects the lpfc SCSI path: if lpfc_complete_unsol_iocb() cannot match the rctl of a received frame, the frame is dropped and resources are leaked. The fix returns resources when discarding an unhandled frame type and updates lpfc_fc_frame_check()...

CVSS 5.5 · AI score 5.4 · EPSS 0.00246
Exploits 0 · References 5 · Affected Software 1