4715 matches found
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodedeliverreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodestatusreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbAdjTree. Currently, there is a missing bounds check when accessing the dmtstree within dbAdjTree. To address this issue, a boolean variable named “isctl” was added. This variable...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...
Astra Linux – Vulnerability in Firefox and Thunderbird
GetBoundName might return the wrong version of an object when JIT optimizations are applied. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a potential nullptrderef in deviceadd. I encountered the following nullptrderef during fault injection testing: BUG: NULL pointer dereferencing in the kernel. Address: 0000000000000058 CPU: 2 PID: 278 Comm:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: HID: mcp2221: prevented a buffer overflow in mcpsmbuswrite Match Warning: drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy ‘&mcp-txbuf5’ is too small 59 vs 255 drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy...
Astra Linux – Vulnerability in editorconfig-core
There is a stack buffer overflow issue in the ecglob function of editorconfig-core-c before version 0.12.6. This vulnerability allows an attacker to write arbitrary data to the stack, potentially leading to remote code execution. Editorconfig-core-c version 0.12.6 has addressed this vulnerability...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bonding: A potential infinite loop has been prevented in the bondheaderparse function. The bondheaderparse function may enter an infinite loop if a stack of two bonding devices is set up, because skb-dev always points to the top ...
CVE-2026-12050
SQL injection in pgAdmin 4's named restore point endpoint POST /browser/server/restorepoint/gid/sid. The user-supplied 'value' field was interpolated directly into the SQL string with str.format instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected...
PT-2026-50901
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description Insecure default credentials exist when TLS configuration is absent and the server is bound beyond the loopback interface. This allows an unauthenticated user on the local network to gain...
PT-2026-51039
Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An authentication logic flaw allows an attacker to register and control an account linked to a victim's email address before the email is verified. By enabling two-factor authentication on this...
CVE-2026-12050
CVE-2026-12050 concerns pgAdmin 4. An authenticated user with a connected PostgreSQL session can exploit a SQL injection in the named restore point endpoint (POST /browser/server/restore_point/{gid}/{sid}) because the user-supplied value is interpolated into SQL via string formatting instead of a...
CVE-2026-12050 pgAdmin 4: SQL injection in named restore point endpoint
SQL injection in pgAdmin 4's named restore point endpoint POST /browser/server/restorepoint/gid/sid. The user-supplied 'value' field was interpolated directly into the SQL string with str.format instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected...
CVE-2026-49257
Summary of CVE-2026-49257 – mcp-pinot : Versions 3.0.1 and earlier run an HTTP MCP server bound to 0.0.0.0:8080 with no authentication, exposing all MCP tools (SQL query execution, schema creation, table-config mutation) to any network-adjacent caller. The server proxies these calls using server-...
PT-2026-50816
Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 1.0 through 9.15 Description An issue exists in the named restore point endpoint 'POST /browser/server/restore point/gid/sid' where the user-supplied value field is interpolated directly into the SQL string using str.format...
EUVD-2026-37784
libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...
CVE-2026-48599
Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In...
EUVD-2026-37013
Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In...
GHSA-HPCV-96WG-7VJ8 DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks
Cross-realm INPLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...