Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-rq-qos: fixed a crash that occurred during the race between rqqoswait and rqqoswakefunction. We are encountering crashes due to rqqoswakefunction, which manifest as follows: BUG: Unable to handle a page fault for address:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the vport QoS cleanup process when an error occurs. When enabling vport QoS fails, the scheduling node never gets freed, resulting in a leak. The missing fields were added, and the vport scheduling node pointer wa...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: interconnect: exynos: fix node leak in probe PM QoS error path Make sure to add the newly allocated interconnect node to the provider before adding the PM QoS request, so that the node is freed in case of errors...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: block: Fixed a possible memory leak for rqwb when deviceadddisk fails. kmemleak reported memory leaks in deviceadddisk: - 3 new suspected memory leaks. Unreferenced object: 0xffff88800f420800 size 512: Command “modprobe”, PID...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the “block” layer, do not call “rqqosops-donebio” if the bio data structure is not being tracked. The “rqqos” framework is only applied on request-based drivers. Therefore: 1 The “rqqosdonebio” function is not necessary for...

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, as well as 10.0.0 and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of “quality” i.e., q parameters, the server may enter a Denial-of-Service DoS state due to high CPU usage in processing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: block/rqqos: Protect the rqqos APIs with a new lock. The commit number is 50e34d78815e “block: disable the elevator int delgendisk”. The function rqqosexit was moved from diskrelease to delgendisk. This may introduce some...

CVE-2026-46951

Vulnerability in the Oracle Quality product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality. Successful...

CVE-2026-46952

Vulnerability in the Oracle Quality product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality. Successful...

CVE-2026-46916

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Management Specs. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

PT-2026-50051

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Quality versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Quality product. A low privileged attacker with network access via HTTP can exploit this flaw...

PT-2026-50052

Vulnerability in the Oracle Quality product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quality. Successful...

CVE-2026-1516

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that in Code Quality reports could have allowed an authenticated user to leak IP addresses of users viewing the report via specially crafted content...

Operationalizing Cyber Attack Prediction: A Gap-Prioritized Framework with Dataset and Model Selection Guidelines

While AI and machine learning for cyber attack prediction have advanced, a critical gap persists between theoretical research and practical operational deployment. Building on Ankalaki et al. 2025, this paper provides a comprehensive analysis of 150+ benchmark datasets and 200+ studies to identif...

CVE-2018-25417

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...

CVE-2018-25417 AiOPMSD Final 1.0.0 SQL Injection via quality.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...

CVE-2018-25417

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...

CVE-2018-25417

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability via the quality parameter in quality.php. Unauthenticated attackers can send crafted SQL payloads to extract sensitive data (usernames, database names, version details). CVSS metrics indicate high severity (CVSS 3.1: 8.2; CVSS 4.0: 8.8)....

CVE-2018-25417 AiOPMSD Final 1.0.0 SQL Injection via quality.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...

EUVD-2018-21939

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extrac...