8979 matches found
MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞
MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...
PT-2026-43595
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...
CVE-2026-7310
A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...
ROS-20260526-73-0001
A vulnerability in the email interpreter module of the Python programming language is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...
CVE-2026-44053
A flaw was found in Netatalk. Weak cryptography in the dhcast128 User Authentication Module UAM allows a remote attacker to potentially compromise the confidentiality and integrity of data. This vulnerability could enable unauthorized access to sensitive information or allow for the manipulation ...
CVE-2026-7836
A flaw was found in Netatalk. A remote attacker with low privileges could exploit a bug in the hextoint macro related to uppercase characters. This vulnerability could lead to a low impact on data integrity...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability include Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0....
Astra Linux – Vulnerability in grub2
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory use-after-free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Added a hardware sync wait to fimcishwchangemode In fimcishwchangemode, the function changes camera modes without waiting for hardware completion. This can lead to corrupted data or a system hanging i...
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL versions prior to 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20, and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, ther...
Astra Linux – Vulnerability in grub2
A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/writeback: Skip mappings with ASNODATAINTEGRITY in waitsbinodes. In the while loop of waitsbinodes, it is documented that we must wait for all pages under writeback to ensure data integrity. Consequently, if a mapping, such as...
Astra Linux – Vulnerability in libhibernate3-java
A flaw was discovered in Hibernate-core in versions prior to and including 5.4.23.Final. An SQL injection occurs in the implementation of the JPA Criteria API; this allows unsanitized literals to be used in SQL comments within queries. This flaw could enable attackers to access unauthorized...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. The Samba smbd file server must map Windows group identities SIDs to Unix group IDs gids. The code responsible for this mapping contained a flaw that could allow it to read data beyond the end of the array, in the event that a negative cache entry was added to the...
Astra Linux – Vulnerability in Ceph
A flaw was discovered in ceph-dashboard. The JSON Web Token JWT used for user authentication is stored by the frontend application in the browser’s localStorage, which is potentially vulnerable to attacks via XSS attacks. The most significant threat of this vulnerability is related to data...
Astra Linux – Vulnerability in libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A heap-based buffer overflow is possible in the function WebPDecodeRGBInto due to an invalid check for buffer size. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Writeback: Do not block sync for file systems with no data integrity guarantees. A SBINODATAINTEGRITY superblock flag was added for file systems that cannot guarantee data persistence during sync e.g., fuse. For superblocks with...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: The read pointer is updated only after the buffer has been written. Within mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written. This may lead to race conditions, where the host see...
Astra Linux – Vulnerability in Jackson-Databind
A flaw was discovered in FasterXML Jackson Databind; it does not properly secure entity expansion. This flaw exposes the system to XML external entity XXE attacks. The most significant threat from this vulnerability is data integrity...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed state management in the error path of the log writing function. After the commit a694291a6211 “nilfs2: separate the wait function from nilfssegctorwrite” was applied, the log writing function...