30 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
CVE-2026-3010
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2...
CVE-2025-68797
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
UBUNTU-CVE-2025-68797
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
CVE-2025-68797
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
CVE-2025-68797
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
PT-2026-2529
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ac ioctl function within the Linux kernel. Specifically, validation of the IndexCard and a check for a valid RamIO pointer are bypassed when the command cmd is 6. Th...
EUVD-2007-4670
Malware in sbrugna...
EUVD-2025-25506
Malicious code in bioql PyPI...
EUVD-2022-41576
Malicious code in bioql PyPI...
CVE-2025-31147
Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users...
DEBIAN-CVE-2022-49271
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
WordPress plugin Code Embed 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
CVE-2024-33787
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuserNumber parameter at searchuser.aspx...
CVE-2024-33787
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuserNumber parameter at searchuser.aspx...
CVE-2024-33787
CVE-2024-33787 affects Hengan Weighing Management Information Query Platform (versions 2019–2021 53.25). A SQL injection vulnerability exists in the tuser_Number parameter of search_user.aspx, causing potentially high impact (CVE CVSS 3.1 base score 8.2, Confidentiality High, Integrity Low). No e...
CVE-2024-33787
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuserNumber parameter at searchuser.aspx...
CVE-2024-27605
Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users test can query information about the users in the system...
CVE-2024-21665
ecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthorized user can access the back-office orders list and be able to query over the information returned. Access control and permissions are not being enforced. This vulnerability has been patched in...
CVE-2022-39030
smart eVision has inadequate authorization for system information query function. An unauthenticated remote attacker, who is not explicitly authorized to access the information, can access sensitive information...