SourceCodester E-Learning System security vulnerabilities

The SourceCodester E-Learning System is an open-source e-learning system developed by SourceCodester. Version 1.0 of the SourceCodester E-Learning System contains a security vulnerability. This vulnerability stems from incorrect handling of parameters “Title” and “Description” in the file...

ROS-20260119-7355

A vulnerability in the ovsvportcmdfillinfo function of the net/openvswitch/datapath.c module of the Open vSwitch router support module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integri...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.503.AXS4 (AXSA:2017-1378:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1378:03 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

MiracleLinux 4 : rh-php56-php-5.6.5-8.AXS4 (AXSA:2016-144:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-144:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...

MiracleLinux 3 : php-5.1.6-45.0.1.AXS3 (AXSA:2014-794:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-794:03 advisory. Description : PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing...

MiracleLinux 8 : pcs-0.10.17-2.el8.ML.1 (AXBA:2023-7294:14)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXBA:2023-7294:14 advisory. - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to...

ROS-20260119-7390

A vulnerability in the ieee80211ifparseactivelinks function of the net/mac80211/debugfsnetdev.c module of the Linux kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7359

A vulnerability in the arch/x86/kvm/hyperv.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 4 : perl-5.10.1-130.AXS4 (AXSA:2013-320:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-320:01 advisory. Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is...

CVE-2025-15539

Open5GS up to 2.7.6 is affected by a Denial of Service vulnerability in the sgwc component. The issue is in the function sgwc_s11_handle_downlink_data_notification_ack (src/sgwc/s11-handler.c), which can be triggered remotely. The exploit has been publicly disclosed and may be utilized. Red Hat a...

EUVD-2026-3129

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

Summary of CVE-2026-1064 (bastillion-io Bastillion) Affects Bastillion up to version 4.0.1 in the System Management Module, specifically the SystemKtrl.java component. The vulnerability arises from a manipulation of the file path src/main/java/io/bastillion/manage/control/SystemKtrl.java, leading...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-3371

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

Bastillion command injection vulnerability

Bastillion is an open-source key management tool developed by bastillion-io. Versions of Bastillion 4.0.1 and earlier contained a command injection vulnerability. This vulnerability stemmed from incorrect operations on the System Management Module component in the file...

@accounter/server (>=0.0.0 <=0.0.3-alpha-20241114141215-09b7d417e7e139562b2a77a6eb2d990da536e1ec), @aligent/auth-module (=1.0.1) +1 more potentially affected by CVE-2026-23735 via graphql-modules (>=2.3.0 <=2.4.0)

graphql-modules NPM version =2.3.0, =0.0.0, =1.0.7, =1.0.9 Source cves: CVE-2026-23735 Source advisory: OSV:GHSA-53WG-R69P-V3R7...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...