Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From the abort path, nftmapelemactivate needs to restore refcounters to their original state. Currently, it uses set-ops-walk to iterate over these set elements. The...

PT-2026-37158

Name of the Vulnerable Software and Affected Versions Distribution versions prior to 3.1.1 Description An authorization bypass exists where tag deletion via the "/v2//manifests/" endpoint ignores the storage.delete.enabled: false configuration. This allows any API client to remove tags from...

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

CVE-2026-28442

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...

PT-2025-51151

Name of the Vulnerable Software and Affected Versions Computer Book Store version 1.0 Description A weakness exists in Computer Book Store version 1.0 related to SQL injection. The issue is located in the /admin delete.php file, specifically within an unknown function. Manipulation of the bookisb...

EUVD-2025-25906

Malicious code in bioql PyPI...

CVE-2022-50377

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-50377

CVE-2022-50377 is rejected by the CVE Numbering Authority and not an active entry.

PT-2025-38325

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ext4 file system related to inode eviction. Specifically, in the ext4 evict inode function, a race condition can occur when evicting an inode ...

SourceCodester Online Student File Management 安全漏洞

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A security vulnerability exists in SourceCodester Online Student File Management version 1.0, which originates from an incorrect manipulation of the parameter studentid in the file...

CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...

LitmusChaos 安全漏洞

LitmusChaos is a program open-sourced by Litmus Chaos that practices chaos engineering in a cloud-native manner. A security vulnerability exists in LitmusChaos 3.19.0 and earlier versions, which stems from a lack of authorization for the parameter projectID in the file /auth/deleteproject, which...

BlueCMS 安全漏洞

BlueCMS is a content management system CMS based on PHP and MySQL. A security vulnerability exists in BlueCMS version 1.6, which originates from arbitrary file deletion via the filename parameter in the /admin/database.php?act=del request...

DEBIAN-CVE-2024-44944

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nfexpectgetid helper function to calculate the expectation ID, otherwise LSB of the expectation object address is...

CVE-2024-42627

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/snippet/delete/3...

CVE-2024-2317

A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ of the component Prescription Page. The manipulation leads to improper authorization. The attack may be...

CVE-2024-2134

A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This vulnerability affects unknown code of the file /investigation/delete/ of the component Investigation Report Handler. The manipulation leads to cross-site request forgery. The attack can...

CVE-2024-25320

Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFFID parameter at /affair/delete.php...

IBOS SQL Injection Vulnerability

IBOS is a collaborative office management system from Shenzhen Boosi Xiechuang Network Technology Co. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from an SQL injection attack via the ?r=dashboard/position/del location...