34 matches found
CVE-2026-40821 Authenticated SQLi in getAccountByID function
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
EUVD-2026-31624
A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-8743
A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public...
CVE-2026-2469
Versions of the package directorytree/imapengine before 1.22.3 are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the id function in ImapConnection.php due to improperly escaping user input before including it in IMAP ID commands...
CVE-2026-2469
CVE-2026-2469 affects directorytree/imapengine prior to 1.22.3. The root cause is improper escaping in ImapConnection.php when constructing IMAP ID commands, allowing injection via id() inputs (quotes or CRLF). Impact includes reading/deleting emails, terminating sessions, or issuing any IMAP com...
PT-2026-8056
Name of the Vulnerable Software and Affected Versions: directorytree/imapengine versions prior to 1.22.3 Description: The software contains a flaw due to improper handling of user-supplied data before it is used in IMAP ID commands within the ImapConnection.php file. Specifically, the id function...
EUVD-2011-1210
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-403670)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-403670 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID. Delete expectation path is missi...
DEBIAN-CVE-2022-50278
In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev. After commit 1fa5ae857bb1 "driver core: get rid of struct device's bus_id string array", the name of device is allocated dynamically, move dev_set_name after pnp_add_id to avoid memory leak...
CVE-2025-1821
A vulnerability was found in zj1983 zz up to 2024-8 and classified as critical. Affected by this issue is the function getUserOrgForUserId of the file src/main/java/com/futvan/z/system/zorg/ZorgAction.java. The manipulation of the argument userID leads to sql injection. The attack may be launched...
fs: Fix uninitialized value issue in from_kuid and from_kgid
...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential error problem caused by misuse of the smp_processor_id function...
DEBIAN-CVE-2023-47480
An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the setid function...
CVE-2023-47480
An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the setid function...
UBUNTU-CVE-2023-47480
An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the setid function...
CVE-2023-47480
CVE-2023-47480 affects Pure Data up to 0.54-0, with a local privilege-escalation through the set*id() family of calls; fixed in 0.54-1. Debian LTS DLA-3895-1 and related advisories note the fix in Debian 11 (puredata 0.51.4-1+deb11u1) and recommend upgrading. Other NASL/OpenVAS entries indicate u...
PT-2024-13455 · Pure Data · Pure Data
Name of the Vulnerable Software and Affected Versions: Pure Data versions 0.54-0 Description: An issue in Pure Data allows a local attacker to escalate privileges via the setid function. This is a local privilege escalation issue that can be exploited by a local attacker to gain higher privileges...
SourceCodester Lot Reservation Management System SQL injection vulnerability
SourceCodester Lot Reservation Management System is a parking lot reservation management system from SourceCodester, Inc. A SQL injection vulnerability exists in the SourceCodester Lot Reservation Management System version 1.0, which stems from an SQL injection vulnerability in the id function of...