IND780 - Local File Inclusion

IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 SS Label 'IND7808.0.07', Version 7.2.10 June 18, 2012 SS Label 'IND7807.2.10' is vulnerable to unauthenticated local file inclusion. It is possible to traverse the folders of the affected host by providing a relative path to the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fixed a possible memory leak when the module exits. After committing 1fa5ae857bb1 “driver core: removed the struct device’s busid string array”, the name of the device is allocated dynamically. This allocation needs...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in a report descriptor that is smaller than 607 bytes. mtreportfixup attempts...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013862)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013862 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mtinputconfigured devmkasprintf can return a NULL pointer on...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010937)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010937 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 driver core:...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011373)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011373 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mtinputconfigured devmkasprintf can return a NULL pointer on...

CVE-2026-35199

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

CVE-2026-5344

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mtuploadImage of the file rpc/TXPRPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the...

CVE-2026-5344

Textpattern up to 4.9.1 is affected. The vulnerability lies in the XML-RPC Handler’s mt_uploadImage function (rpc/TXP_RPCServer.php) where manipulation of the file.name argument enables path traversal. This permits remote exploitation, and publicly disclosed exploits exist. The vendor has acknowl...

PT-2026-29786

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt uploadImage of the file rpc/TXP RPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005695 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 driver core:...

CVE-2026-1821

The Microtango plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'restkey' parameter of the mtreservation shortcode in all versions up to, and including, 0.9.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

PT-2026-7501

The Microtango plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'restkey' parameter of the mt reservation shortcode in all versions up to, and including, 0.9.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

kernel: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

A flaw exists in the Linux kernel’s HID multitouch driver function mtreportfixup in drivers/hid/hid-multitouch.c. A malicious HID device may supply a report descriptor smaller than 607 bytes; the function then attempts to access and patch byte offset 607 without first verifying the descriptor...

CVE-2023-25199

A reflected cross-site scripting XSS vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05 that enables a remote attacker to execute JavaScript code and obtain sensitive information in a victim's browser...

kernel: HID: multitouch: Add NULL check in mt_input_configured

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mtinputconfigured devmkasprintf can return a NULL pointer on failure,but this returned value in mtinputconfigured is not checked. Add NULL check in mtinputconfigured, to handle kernel NULL point...

Linux Distros Unpatched Vulnerability : CVE-2022-50462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 driver core: get rid of struct device's busid string array, the name of...

EUVD-2000-1031

Malware in sbrugna...

EUVD-2020-3576

Malware in sbrugna...

EUVD-2008-1983

Malware in sbrugna...