37 matches found
CVE-2026-45932
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPFPROGDETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission...
CVE-2026-45932
bpf: Fix tcx/netkit detach permissions when prog fd isnt given...
EUVD-2026-31703
A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolveprogtype for BPFPROGTYPEEXT When loading a EXT program without specifying attr-attachprogfd, the prog-aux-dstprog will be null. At this time, calling resolveprogtype anywhere will resul...
CVE-2026-32862
NI LabVIEW contains a memory corruption vulnerability (CVE-2026-32862) caused by an out-of-bounds write in ResFileFactory::InitResourceMgr(). The issue can lead to information disclosure or arbitrary code execution and requires a user to open a specially crafted VI file. Affected products: NI Lab...
CVE-2025-14588
A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /updateprogram.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2025-203259
A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /updateprogram.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...
PT-2025-51112
Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A security flaw exists in itsourcecode Student Management System 1.0. The issue affects unknown code within the /update program.php file and allows for SQL injection through...
CVE-2025-0078
In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SourceCodester Computer Store System 安全漏洞
SourceCodester Computer Store System is an open source computer storage system from SourceCodester. A security vulnerability exists in SourceCodester Computer Store System version 1.0, which stems from improper handling of the laptopcompany/RAM/Processor parameter in the Add function in the main....
CVE-2025-47758
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::getProgramFilename function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...
Fuji Electric V-SFT 安全漏洞
Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. Fuji Electric V-SFT suffers from a buffer overflow vulnerability that originates from the CTxSubFile::getProgramFilename function in VS6File that fails to correctly validate the length and size of input data, which c...
TEM Opera Plus FM Family Transmitter 访问控制错误漏洞
The TEM Opera Plus FM Family Transmitter is a frequency modulation FM transmitter device from TEM. An access control error vulnerability exists in TEM Opera Plus FM Family Transmitter version 35.45, which arises from allowing access to an unprotected endpoint that can upload a binary image of the...
CVE-2024-21803
NVD describes an after-free vulnerability found in the Linux kernel in the Linux x86 ARM Bluetooth module that allows local code execution. This vulnerability is associated with the program file, https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects...
CVE-2023-43776
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card .PRG file ending...
Rockwell Automation Micrologix Improper Access Control (CVE-2017-14473)
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2021-20608
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sendin...
Input validation
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sendin...
siemens Tecnomatix RobotExpert 安全漏洞
siemens Tecnomatix RobotExpert is a software application from Siemens, Germany. It provides support for unique industry applications such as mounting, arc welding, polishing, gluing and others. A security vulnerability exists in siemens Tecnomatix RobotExpert. The vulnerability stems from the...
CVE-2019-13521
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena...