65 matches found
CVE-2026-10168
A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...
CVE-2026-10168
The CVE concerns OUSL-GROUP-BrinaryBrains School Student Management System (up to build 1e70e5ad1125b86dca4ee086eb6bb121f17708b6). The vulnerability is in the function marks of the file application/controllers/Parents.php, where manipulating the argument param1 enables improper control of resourc...
CVE-2026-10168 OUSL-GROUP-BrinaryBrains School Student Management System Parents.php marks resource injection
A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...
PT-2026-44825
Name of the Vulnerable Software and Affected Versions RustFS versions prior to 1.0.0-beta.2 Description Improper validation in the "PUT /rustfs/admin/v3/import-iam" endpoint allows a user with ImportIAMAction to create service accounts under arbitrary parent identities, including the root user...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dpll: Fixed the issue where dpllpinonpinregister could incorrectly register multiple parent pins when they were used together. In scenarios where a pin is registered with multiple parent pins via dpllpinonpinregister, all these...
CVE-2026-27523
OpenClaw (
CVE-2026-27523 OpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf Paths
OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve...
UBUNTU-CVE-2025-71183
In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename exchanging either with the rename exchange operation or regular renames in multiple non-atomic steps two inodes and at least one of them is a directory,...
CVE-2025-66494
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...
EUVD-2025-204466
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...
kernel: net_sched: ets: Fix double list add in class with netem as child qdisc
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...
kernel: net_sched: ets: Fix double list add in class with netem as child qdisc
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...
kernel: net_sched: ets: Fix double list add in class with netem as child qdisc
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...
kernel: net_sched: ets: Fix double list add in class with netem as child qdisc
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987375)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987375 advisory. In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes...
EUVD-2025-22695
Malicious code in bioql PyPI...
kernel: net_sched: ets: Fix double list add in class with netem as child qdisc
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...
Linux Distros Unpatched Vulnerability : CVE-2025-38446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4,...
SUSE CVE-2025-38446
In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4, clkregister occurs an out-of-bounds when accessing parentnames member. Use ARRAYSIZE instead of hardcode number here. BUG: KASAN:...
UBUNTU-CVE-2025-38446
In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4, clkregister occurs an out-of-bounds when accessing parentnames member. Use ARRAYSIZE instead of hardcode number here. BUG: KASAN:...