90 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Corrected the allocation size for bytes controls. The size of the data behind scontrol-ipccontroldata for bytes controls is as follows: 1 sizeofstruct sofipc4controldata + // kernel-only struct 2...
CVE-2026-8685
The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and 'order' parameters in all versions up to, and including, 2.15.16. This is due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query within the...
Wikimedia AbuseFilter 输入验证错误漏洞
Wikimedia AbuseFilter is an editing filter tool developed by the Wikimedia Foundation, designed to automatically filter and block suspicious edits, account creation, and other disruptive activities based on custom rules. Versions of Wikimedia AbuseFilter prior to 1.43.7, as well as versions 1.44....
CVE-2025-71286
The CVE-2025-71286 issue concerns the Linux kernel’s ALSA SOF ipc4-topology component, where memory allocation for bytes controls was miscalculated. This could allow local memory corruption due to under-allocating space behind scontrol->ipc_control_data; fixes request allocating additional mem...
PT-2026-34464
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or...
PT-2025-48405
opening the vault on a 3-year-old vulnerability: CVE-2022-35420 back in 2022, I got bored and decided to hunt for a zero-day instead of writing the red-team report. I found an unauthenticated admin takeover in a SCADA system used to control real-world physical machinery. I waited until now to...
EUVD-2022-54711
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...
EUVD-2019-2499
Malware in sbrugna...
EUVD-2016-1974
Malware in sbrugna...
EUVD-2022-55381
Malicious code in bioql PyPI...
EUVD-2025-21067
Malicious code in bioql PyPI...
kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, ¶1', which reads 5 bytes: void rtwfwbtwificontrolstruct...
kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, ¶1', which reads 5 bytes: void rtwfwbtwificontrolstruct...
📄 GeoVision ASManager Windows Application 6.1.2.0 Credential Disclosure
GeoVision ASManager Windows Application version 6.1.2.0 suffers from a credential disclosure vulnerability. Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...
kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, ¶1', which reads 5 bytes: void rtwfwbtwificontrolstruct...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager (WDM) and the microprogramming software for programmable logic controllers from Honeywell, the Experion PKS, allows a hacker to execute arbitrary code.
The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed software for programmable logic controllers like Honeywell Experion PKS is related to the implementation by an inappropriate developer. Exploiting this vulnerability...
CVE-2025-6741
Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature This issue affects the following versions : Devolutions Server 2025.2.2.0 through 2025.2.4.0 Devolutions Server...
CVE-2025-2522
The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may...