14 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fpga: manager: Added a module owner field and used its pointer to count the reference count of the module. The current implementation of the fpgamanager assumes that the low-level module registers a driver for the parent devic...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcoun...
CVE-2021-47797
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into...
CVE-2021-47797
CVE-2021-47797 concerns Leawo Prof. Media 11.0.0.1. A DoS vulnerability in the activation keycode handling allows an oversized payload (6000-byte, repeated characters) to crash the application when pasted into the registration interface. The CVE references PoC material in multiple sources. No pat...
CVE-2021-47797 Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into...
PT-2026-3169
Leawo Prof. Media 11.0.0.1 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized payload in the activation keycode field. Attackers can generate a 6000-byte buffer of repeated characters to trigger an application crash when pasted into...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" firstname field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not...
CVE-2025-51989
CVE-2025-51989 : HTML injection vulnerability in Evolution Consulting Kft. HRmaster module v235’s registration interface allows injecting HTML tags into the keresztnév (firstname) field, which can be included in emails and potentially enable phishing against unregistered addresses. Affected compo...
i-Drive i11和i-Drive i12 安全漏洞
The i-Drive i11 and i-Drive i12 are both a car recorder from i-Drive, Inc. A security vulnerability exists in i-Drive i11 and i-Drive i12 20250227 and prior versions, which stems from improper access control of the registration interface and could lead to a local network attack...
UBUNTU-CVE-2022-48321
Limited Server-Side Request Forgery SSRF in agent-receiver in Tribe29's Checkmk = 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API...
Punchbowl App Has Logic Design Flaws
Punching Assembly APP is a puzzle national quiz game app. A logic design vulnerability exists in Top Punch APP. The vulnerability is caused by the lack of authentication of the SMS interface at the registration account, which allows an attacker to consume server resources by sending unlimited...