10 matches found
Astra Linux - уязвимость в krb5
The vulnerability of the krb5chpwmessage function in the Kerberos authentication protocol is related to insufficient input validation. Exploiting this vulnerability allows an attacker to access confidential data and also cause service interruptions...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csumstart and offset in virtionethdr Tighten csumstart and csumoffset checks in virtionethdrtoskb for GSO packets. The function already checks that a checksum requested with VIRTIONETHDRFNEEDSCSUM is in skb...
CVE-2026-39341
ChurchCRM is an open-source church management system. Prior to 7.1.0, the application is vulnerable to time-based SQL injection due to an improper input validation. Endpoint Reports/ConfirmReportEmail.php?familyId= is not correctly sanitising user input, specifically, the sanitised input is not...
CVE-2025-68143
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...
CVE-2025-48623
In initpkvmhypvcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
kernel: netfilter: complete validation of user input
A denial of service vulnerability exists in the Linux kernel such that @optlen validation is not called before the function xtalloctableinfo, an attacker could craft a payload that results in a crash resulting in loss of availability...
Improper Input Validation
Overview railsmultisite is a gem for multi-db support for Rails applications. Affected versions of this package are vulnerable to Improper Input Validation. Secure/signed cookies share secrets between sites in a multi-site application. Impact This vulnerability impacts any Rails applications usin...
openstack-neutron: arbitrary dnsmasq reconfiguration via extra_dhcp_opts
An input-validation flaw was found in openstack-neutron, where an authenticated attacker could change the dnsmasq configuration. By crafting extradhcpopts values, the attacker could crash the dnsmasq, change parameters for tenants sharing the same interface, or otherwise alter that daemon’s...
NOCC 1.0 no_mail.php html_no_mail Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...
PHP Perl Extension Safe_mode Bypass Exploit
No description provided by source. ?php ---------------------------------------------------- ----PHP Perl Extension Safemode Bypass Exploit----- ---------------------------------------------------- -Author:--NetJackal--------------------------------- -Email:---nima501atyahoodotcom----------------...