58 matches found
SUSE-SU-2026:22454-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764...
SUSE-SU-2026:22496-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764. Changes for dnsmasq: CVE-2026-12725, bsc1268764: Heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies...
OPENSUSE-SU-2026:21192-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764. Changes for dnsmasq: CVE-2026-12725, bsc1268764: Heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies...
Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies
...
CVE-2026-12725 Dnsmasq: dnsmasq: heap buffer overflow in log_query() when logging unsupported ds/dnskey replies
A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply su...
CVE-2026-12725
CVE-2026-12725 affects dnsmasq. The flaw is a heap-based buffer overflow in the log_query() path when DNSSEC validation and query logging are both enabled and DNS responses contain DS/DNSKEY records with unsupported algorithm or digest types. This can cause dnsmasq to write past the end of an int...
EUVD-2023-46637
Malicious code in bioql PyPI...
EUVD-2025-28884
Malicious code in bioql PyPI...
CVE-2025-10822
A vulnerability has been found in fuyanglipengjun platform 1.0. The impacted element is the function SysSmsLogController of the file /sys/smslog/queryAll. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit has been disclosed to the public and m...
CVE-2025-10822 fuyang_lipengjun platform queryAll SysSmsLogController improper authorization
A vulnerability has been found in fuyanglipengjun platform 1.0. The impacted element is the function SysSmsLogController of the file /sys/smslog/queryAll. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit has been disclosed to the public and m...
CVE-2025-10084
A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-9740
CVE-2025-9740 affects code-projects Human Resource Integrated System 1.0. The vulnerability is in /log_query.php where manipulation of the ID parameter enables SQL injection, with remote exploitation and public availability of the exploit. Multiple sources corroborate the issue across vendors and...
CVE-2025-9740 code-projects Human Resource Integrated System log_query.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /logquery.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...
CVE-2025-9740 code-projects Human Resource Integrated System log_query.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /logquery.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...
PT-2025-35421
Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: A SQL injection issue exists in the /log query.php file. Manipulation of the ID argument can lead to SQL injection. The exploit has been made public and could be used to...
Code-Projects Human Resource Integrated System 安全漏洞
Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /logquery.php. An attacker can exploit...
Linux Distros Unpatched Vulnerability : CVE-2016-10204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query...
CVE-2023-39678
A cross-site scripting XSS vulnerability in the device web interface Log Query page of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
A vulnerability in Kubernetes allows remote code execution. Read how abusing Log Query can lead to a complete takeover of all Windows nodes in a cluster...