42 matches found
CVE-2026-10244
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...
CVE-2026-10247
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...
CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-69419)
Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
ROS-20260112-7354
A vulnerability in the PROG_NAME() function of the kernel/bpf/core.c module of the Linux kernel is related to the use of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2025-14135
A vulnerability was identified in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function AP_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 leads to...
CVE-2025-14133
Consolidated findings for CVE-2025-14133: A stack-based buffer overflow exists in Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 (firmware versions 1.0.013.001 through 1.2.07.001) via the AP_get_wireless_clientlist_setClientsName function in mod_form.so. Manipulating the clientsname_0 argument...
kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure, but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board_name(), to handle kernel NULL pointe...
smb: client: fix potential UAF in smb2_is_network_name_deleted()
...
CVE-2022-38555
Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name...
Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
...
PT-2025-15038 · Tenda · Tenda Rx3
Name of the Vulnerable Software and Affected Versions: Tenda RX3 version 16.03.13.11 Description: A critical issue has been found, affecting the formSetDeviceName function of the file /goform/SetOnlineDevName. The manipulation of the devName argument leads to a stack-based buffer overflow. This...
SUSE CVE-2025-21937
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference...
AZL-59915 CVE-2025-21937 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference...
The vulnerability of the PROG_NAME() function in the kernel/bpf/core.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the PROG_NAME() function in the kernel/bpf/core.c module of the Linux operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to cause a service failure...
DEBIAN-CVE-2024-57988
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure, but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board_name(), to handle kernel NULL pointe...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the Bluetooth: btbcm module not checking for null pointers in the btbcm_get_board_name() function...
Astra Linux – Vulnerability in avahi
A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion in the avahi_alternative_host_name() function...
The vulnerability of the uof_get_name() function in the QAT_4xxx driver (driver/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c) on Linux operating systems allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the uof_get_name() function in the QAT_4xxx driver (driver/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c) on Linux operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access t...
CVE-2024-53163 crypto: qat/qat_420xx - fix off by one in uof_get_name()
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The needs to be = to prevent an out of bounds access...