19177 matches found
Important: Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release Of the Policy Controller Operator
The Tech Preview release of the RHTAS Policy Controller Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Policy Controller Operator can be used with OpenShift Container Platform 4.15, 4.16,...
ROS-20251125-01
A vulnerability in the cross-platform software development framework Qt is related to a bug in data boundary checking when reading data from a Bluetooth L2CAP socket in processUnsolicitedReply and processReply in bluetooth/qlowenergycontrollerbluez.cpp. Exploitation of the vulnerability could...
EUVD-2025-199172
Malicious code in bestgpiocontroller npm...
CVE-2025-13564
A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controllers/FilehelperController.php. Performing manipulation of the argument filepath results in denial of service. The attack is possible to be carried out...
CVE-2025-13564 SourceCodester Pre-School Management System FilehelperController.php removefile denial of service
A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controllers/FilehelperController.php. Performing manipulation of the argument filepath results in denial of service. The attack is possible to be carried out...
CLSA-2025-1763722365 kernel: Fix of 62 CVEs
wifi: mwifiex: Fix OOB and integer underflow when rx packets (CVE-2023-53226) - wifi: mac80211: check S1G action frame size (CVE-2023-53257) - wifi: cfg80211: fix use-after-free in cmp_bss (CVE-2025-39864) - partitions: mac: fix handling of bogus partition...
CVE-2025-58181 vulnerabilities
Vulnerabilities for packages: gogatekeeper, crossplane-provider-aws, trivy-operator, modelmesh-runtime-adapter, tekton-pipelines, kubernetes-csi-external-attacher, atlantis, bento, cosign, gptscript, docker-cli-buildx, timestamp-authority, prometheus-pushgateway, src, terraform-provider-azuread,...
GHSA-F6X5-JH6R-WRFV vulnerabilities
Vulnerabilities for packages: gogatekeeper, crossplane-provider-aws, ko, modelmesh-runtime-adapter, kubernetes-csi-external-attacher, tekton-pipelines, atlantis, bento, cosign, gptscript, docker-cli-buildx, timestamp-authority, prometheus-pushgateway, src, terraform-provider-azuread, containerd,...
CVE-2025-47914 vulnerabilities
Vulnerabilities for packages: gogatekeeper, crossplane-provider-aws, ko, modelmesh-runtime-adapter, kubernetes-csi-external-attacher, tekton-pipelines, atlantis, bento, cosign, gptscript, docker-cli-buildx, timestamp-authority, prometheus-pushgateway, src, terraform-provider-azuread, containerd,...
GHSA-J5W8-Q4QC-RX2X vulnerabilities
Vulnerabilities for packages: gogatekeeper, crossplane-provider-aws, trivy-operator, modelmesh-runtime-adapter, tekton-pipelines, kubernetes-csi-external-attacher, atlantis, bento, cosign, gptscript, docker-cli-buildx, timestamp-authority, prometheus-pushgateway, src, terraform-provider-azuread,...
Vulnerabilities fixed in Arista EOS
Arista has fixed vulnerabilities in the Arista EOS platform. The vulnerabilities are related to the processing of malformed messages, which can lead to system crashes and denial-of-service conditions. High-privileged attackers can exploit these vulnerabilities, leading to severe operational...
Web-Based Internet Laboratory Management System /subject/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /subject/controller.php. An attacker c...
Web-Based Internet Laboratory Management System controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is web laboratory software. The Web-Based Internet Laboratory Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the file /course/controller.php. An attacker...
Web-Based Internet Laboratory Management System /user/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /user/controller.php. An attacker can...
Web-Based Internet Laboratory Management System /enrollment/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /enrollment/controller.php. An attacke...
Web-Based Internet Laboratory Management System /settings/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /settings/controller.php. An attacker...
CVE-2025-8727
There is a vulnerability in the Supermicro BMC web function on the Supermicro MBD-X13SEDW-F. After logging into the BMC web server, an attacker can use a specially crafted payload to trigger the stack buffer overflow vulnerability...
CVE-2025-7623
Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system...
Bluetooth: When HCI work queue is drained, only queue chained work
...