15 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: Holding csfgcsdevlock while removing cscfg from csdev. There may be a race condition related to coresight configuration: CPU0 CPU1 perf enable load module cscfgloadconfigsets Activate configuration. // sysfs sysactivec...
EUVD-2026-30710
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...
CVE-2026-8766 Kilo-Org kilocode Environment Variable config.ts load information disclosure
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...
PT-2026-28539
Name of the Vulnerable Software and Affected Versions: Convict affected versions not specified Description: The software contains two prototype pollution flaws not addressed by prior fixes. The first flaw exists in the config.load and config.loadFile functions, where the overlay function recursivel...
CVE-2025-14405
PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows physically-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...
CVE-2024-56837
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
CVE-2025-66448
vLLM (prior to 0.11.1) contains a remote code execution vulnerability in Nemotron_Nano_VL_Config where, during model loading, an auto_map entry can cause get_class_from_dynamic_module to fetch and execute code from a remote repository, bypassing trust_remote_code checks. This can enable an attack...
CVE-2025-50515
An issue was discovered in phome Empirebak 2010 in ebak2008/upload/class/config.php allowing attackers to execute arbitrary code when the config file was loaded...
CVE-2025-3705 OS Command Injection via USB Config Load
A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...
CVE-2025-3705
CVE-2025-3705 describes an OS Command Injection vulnerability: loading a config file from a USB drive allows a physical attacker with no privileges to execute commands and gain full control of the affected device. Documents identify Frauscher Sensortechnik products (e.g., FDS101, FDS102, FDS-SNMP...
SUSE CVE-2021-47158
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup If any of sja1105_static_config_load, sja1105_clocking_setup or sja1105_devlink_setup fails, we can't just return in the middle of sja1105_setup or memory will leak. Add a cleanup pat...
DEBIAN-CVE-2021-47158
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup If any of sja1105_static_config_load, sja1105_clocking_setup or sja1105_devlink_setup fails, we can't just return in the middle of sja1105_setup or memory will leak. Add a cleanup pat...
SUSE CVE-2004-1076
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file...
PT-2022-25671 · Openssl +1
Name of the Vulnerable Software and Affected Versions: Windscribe affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order...
PT-2024-11206 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel, where a vulnerability has been resolved by adding error handling in the sja1105 setup function. If any of the sja1105 static config load,...