15 matches found
mirai-exploit
Vulnerability Details CVE ID: CVE-2026-22812 Affe...
RHEL 8 / 9 : OpenShift Container Platform 4.14.62 (RHSA-2026:2973)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2973 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
CVE-2026-24128
CVE-2026-24128 affects XWiki Platform and related distributions. Concrete details across sources: vulnerable versions of XWiki Platform (7.0-milestone-2 up to 16.10.11; 17.0.0-rc-1 up to 17.4.4; 17.5.0-rc-1 up to 17.7.0) are susceptible to a reflected XSS via crafted URLs, enabling actions with t...
Sockpuppetting: Jailbreaking LLMs without Optimization through Output Prefix Injection
As open-weight large language models LLMs increase in capabilities, safeguarding them against malicious prompts and understanding possible attack vectors becomes ever more important. While automated jailbreaking methods like GCG Zou et al., 2023 remain effective, they often require substantial...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46844)
um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986520)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986520 advisory. In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I ha...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer is not initialized by the callers, but I’ve encountered cases where it is still printed; initialize it in all possible cases within setuponeline...
The vulnerability of the setup_one_line() function in the Linux operating system’s kernel in the User-mode-Linux (UML) mode allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the setuponeline function in the arch/um/drivers/line.c module of the Linux kernel in the User-mode-Linux UML mode is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
um: line: always fill *error_out in setup_one_line()
...
DEBIAN-CVE-2024-46844
In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...
UBUNTU-CVE-2024-46844
In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...
DEBIAN-CVE-2024-27289
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...
UBUNTU-CVE-2024-27289
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...
UBUNTU-CVE-2024-1597
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a strin...
My-CTF-Web-Challenges
This is a collection of CTF Capture The Flag web challenges created by orange. The repository contains source code, write-ups, and idea explanations for various challenges. The challenges are categorized by year, with challenges from HITCON 2018, 2019, and 2020, as well as other CTF events. The...