29 matches found
CVE-2026-14480
CVE-2026-14480 affects OpenPLC Runtime v3. An authenticated user can write arbitrary files via the legacy web UI program-upload workflow by storing a attacker-controlled filename (prog_file) that is later used as the destination path. Python os.path.join() honors absolute paths, enabling writes a...
CVE-2026-0828
CVE-2026-0828 affects Safetica’s endpoint client x64, specifically the kernel driver ProcessMonitorDriver.sys (versions 10.5.75.0 and 11.11.4.0). The vulnerability stems from an IOCTL path that lacks proper caller privilege validation, allowing an unprivileged user with a handle to the device to ...
CVE-2026-53253
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
CVE-2025-52532
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgvcmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the...
CVE-2025-52532
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgvcmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the...
VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection
Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics required for accurate detection. Recent Large Language...
EUVD-2026-26594
In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007268)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007268 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...
CVE-2023-54300 wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...
EUVD-2010-2485
Malware in sbrugna...
EUVD-2025-8488
Malicious code in bioql PyPI...
CVE-2022-45918
ILIAS before 7.16 allows External Control of File Name or Path...
UBUNTU-CVE-2025-21875
In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA version 3.2.0 that stems from vulnerability to SQL injection attacks via the nextPage parameter in /controle/control.php...
CVE-2024-50304 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind is only called from the control path where the mutex is taken. Add a lockdep...
PT-2024-34129
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc3-custom-gd95d9a31aceb Description: The issue is related to a suspicious RCU usage warning in the ip tunnel find function. The per-netns IP tunnel hash table is protected by the RTNL mutex, and ip tunne...
AZL-68343 CVE-2024-41082 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...
UBUNTU-CVE-2024-41082
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...
OESA-2024-1706 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter...