CVE-2026-43267 wifi: rtw89: fix potential zero beacon interval in beacon tracking

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bssconf-beaconint might be zero, which could result in a division by zero error in subsequent calculations. Set a...

CVE-2025-34308

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATEVALUE parameter when updating the default time synchronization settings. When the default values...

CVE-2025-34308 IPFire < v2.29 Stored XSS via Default Time Sync

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATEVALUE parameter when updating the default time synchronization settings. When the default values...

CVE-2025-34308

IPFire 2.x before 2.29 (Core Update 198) has a stored XSS via the UPDATE_VALUE parameter when updating Time Server settings. An authenticated user can submit arbitrary JavaScript to /cgi-bin/time.cgi; the value is stored and later rendered in the web interface, allowing script execution in other ...

OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)

Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related ...

OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)

Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related ...

OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)

Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related ...

OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)

Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related ...

PHP-Nuke Module Advertising Blind SQL Injection

!/usr/bin/perl Product: PHP-Nuke Module Advertising BugFounder: 0x90 HomePage: WwW.0x90.COM.Ar Problem: Blind SQL Injection use strict; use warnings; use LWP; use Time::HiRes; use IO::Socket; my $host = "http://url/modules.php?name=Advertising"; my $useragent = LWP::UserAgent-new; my $metodo =...

Campsite 2.6.1 - SubscriptionDefaultTime.php?g_documentRoot Remote File Inclusion

Campsite 2.6.1 - SubscriptionDefaultTime.php?gdocumentRoot Remote File Inclusion source: https://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver...