Lucene search
+L

91 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Corrected the allocation size for bytes controls. The size of the data behind scontrol-ipccontroldata for bytes controls is as follows: 1 sizeofstruct sofipc4controldata + // kernel-only struct 2...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check the return value of sockrecvmsg when draining CLC data. When receiving a CLC message, the field fieldlength in smcclcmsghdr indicates the length of the message that should be received from the network. This value...

7.5CVSS6.4AI score0.0075EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/20 1:25 a.m.8 views

CVE-2026-8685

The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and 'order' parameters in all versions up to, and including, 2.15.16. This is due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query within the...

6.5CVSS5.9AI score0.00359EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.11 views

Wikimedia AbuseFilter 输入验证错误漏洞

Wikimedia AbuseFilter is an editing filter tool developed by the Wikimedia Foundation, designed to automatically filter and block suspicious edits, account creation, and other disruptive activities based on custom rules. Versions of Wikimedia AbuseFilter prior to 1.43.7, as well as versions 1.44....

2.1CVSS5.8AI score0.00244EPSS
Exploits0References1
cve
cve
added 2026/05/06 11:32 a.m.23 views

CVE-2025-71286

The CVE-2025-71286 issue concerns the Linux kernel’s ALSA SOF ipc4-topology component, where memory allocation for bytes controls was miscalculated. This could allow local memory corruption due to under-allocating space behind scontrol->ipc_control_data; fixes request allocating additional mem...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/05/06 11:32 a.m.2 views

CVE-2025-71286 ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.9 views

PT-2026-34464

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or...

8.6CVSS6.2AI score0.00201EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2025/11/30 12:0 a.m.7 views

PT-2025-48405

opening the vault on a 3-year-old vulnerability: CVE-2022-35420 back in 2022, I got bored and decided to hunt for a zero-day instead of writing the red-team report. I found an unauthenticated admin takeover in a SCADA system used to control real-world physical machinery. I waited until now to...

6.7AI score
Exploits0References1
euvd
euvd
added 2025/10/21 12:31 p.m.5 views

EUVD-2022-54711

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS5.4AI score0.00234EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-1974

Malware in sbrugna...

6.5CVSS6.5AI score0.01518EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2499

Malware in sbrugna...

7.5CVSS5.9AI score0.01294EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-55381

Malicious code in bioql PyPI...

6.7AI score0.00166EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-21067

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00423EPSS
Exploits0References1
redhat
redhat
added 2025/09/10 8:45 p.m.16 views

kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, &para1', which reads 5 bytes: void rtwfwbtwificontrolstruct...

7.1CVSS6.9AI score0.00142EPSS
Exploits0References5
redhat
redhat
added 2025/09/10 5:18 p.m.6 views

kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, &para1', which reads 5 bytes: void rtwfwbtwificontrolstruct...

7.1CVSS6.9AI score0.00142EPSS
Exploits0References5
packetstorm
packetstorm
added 2025/08/26 12:0 a.m.159 views

📄 GeoVision ASManager Windows Application 6.1.2.0 Credential Disclosure

GeoVision ASManager Windows Application version 6.1.2.0 suffers from a credential disclosure vulnerability. Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...

5.1CVSS7.2AI score0.01278EPSS
Exploits2
redhat
redhat
added 2025/08/18 3:1 p.m.5 views

kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, &para1', which reads 5 bytes: void rtwfwbtwificontrolstruct...

7.1CVSS6.9AI score0.00142EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/08/01 12:0 a.m.10 views

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager (WDM) and the microprogramming software for programmable logic controllers from Honeywell, the Experion PKS, allows a hacker to execute arbitrary code.

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed software for programmable logic controllers like Honeywell Experion PKS is related to the implementation by an inappropriate developer. Exploiting this vulnerability...

8.5CVSS5.9AI score0.00468EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2025/08/01 12:0 a.m.8 views

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...

9.7CVSS6.3AI score0.00685EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2025/08/01 12:0 a.m.10 views

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS allows a intruder to execute arbitrary code and cause a service failure.

The vulnerability of the Control Data Access component of the Honeywell OneWireless Wireless Device Manager and the microprogrammed logic controllers of the Honeywell Experion PKS is related to a countable degree of significance loss. Exploiting this vulnerability could allow an attacker to execu...

8.5CVSS6AI score0.00315EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder