CVE-2026-31768

The CVE-2026-31768 issue affects the Linux kernel driver iio: adc: ti-adc161s626, where SPI read operations used non-DMA-safe stack memory. The mitigation is to allocate a DMA-safe buffer and perform spi_read() into that buffer, replacing stack-based buffers. Since the read would require only up ...

matrix-hookshot injection vulnerability

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. An injection vulnerability exists in matrix-hookshot 4.5.0 and prior versions, which can be exploited to break out of the vm2 sandbox in instances where conversion functions are enabled...

docconv 安全漏洞

docconv is Search.io open source a library . PDF, DOC, DOCX, XML, HTML, RTF , etc. will be converted to plain text . docconv 1.2.0 and previous versions of a security vulnerability , the vulnerability stems from its ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText function of the operatio...

Debian DSA-3452-1 : claws-mail - security update

'DrWhax' of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account of a user that receives a message from them using Claws Mail. %NASLMINLEVEL 70300 C Tenable Network...

DSA-3452-1 claws-mail - security update

Bulletin has no description...

MSSQL SQL Injection

Вывод ошибок. http://site.com/script.asp?id=5's Код: Microsoft OLE DB Provider for SQL Server error '80040e14' MicrosoftODBC SQL Server DriverSQL ServerUnclosed quotation mark after the character string '5's'. /file.asp, line 1000 Ошибки могут быть разные, в зависимости на чем обрабатывается mssq...

CVE-2005-1409

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...