19116 matches found
CVE-2026-25293
Buffer overflow due to incorrect authorization in PLC FW...
CVE-2026-25293
CVE-2026-25293 : A buffer overflow due to incorrect authorization is reported in PLC FW. Affected component is the PLC firmware; the root cause is improper authorization checks leading to memory corruption. The CVSS 3.1 vector indicates adjacent access, no privileges required, no user interaction...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
PT-2026-37194
Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.7.14 Argo Workflows versions prior to 4.0.5 Description A user with create Workflow permission can bypass the templateReferencing: Strict and Secure restrictions. This occurs because the system only blocks th...
CodeCanyon Perfex CRM 授权问题漏洞
CodeCanyon Perfex CRM is a self-hosted customer relationship management software developed by CodeCanyon. Versions of CodeCanyon Perfex CRM 3.4.1 and earlier contained an authorization vulnerability. This vulnerability stemmed from the operation of the parameter ID in the function Clients::projec...
Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense
Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...
Astra Linux – Vulnerability in Qemu
In QEMU 5.0.0, the hw/usb/hcd-ohci.c file contains an infinite loop when a TD list has a loop...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events. xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However,...
Astra Linux – Vulnerability in Samba
A flaw was discovered in the way that a Samba, as an Active Directory Domain Controller, can support a RODC Read-Only Domain Controller. This would allow a RODC to print administrator tickets...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering. It is possible to trigger a use-after-free situation here by: a forcing rescanworkfunc to take a long time, and b using a pwrctrl driver that may be unloaded for som...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert “i2c: i801: replace acpilock with I2C bus lock” This revertment is associated with the commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads may collect information abo...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: pn533: Wait for outurb’s completion in pn533usbsendframe A use-after-free issue occurred in hcd when inurb sent from pn533usbsendframe was completed earlier than outurb. The callback in pn533sendComplete frees the skb dat...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host – Fixed the dereference issue in the DDMA completion flow. The dereference issue in the DDMA completion flow has been addressed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: now returns ERRPTR instead of NULL when there is no link. Currently, hciconnectsco returns NULL when there is no link i.e., when hciconnlink returns NULL. scoconnect expects ERRPTR in case of any error see...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: A possible memory leak has been fixed in hpsainitone. The hpdaallocctlrinfo function allocates the h variable and its field replymap. However, in hpsainitone, if allocpercpu fails, hpsainitone jumps directly to clean1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: sh: dma: Fixed the DMA channel offset calculation. Various SoCs from the SH3, SH4, and SH4A families that use this driver feature different numbers of DMA channels, which can be distributed among up to two DMAC modules. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: Fix for statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lea...
Astra Linux - уязвимость в intel-microcode
Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: Fixed an issue where shared HCD resources were leaked when attempting to set the wake-up IRQ. The issue occurred because it was not possible to set @sharedhcd to NULL before reducing the usage count via usbputhcd...