267 matches found
CVE-2026-48233
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...
CVE-2026-48233
The CVE-2026-48233 issue affects Open ISES Tickets prior to 3.44.2, where the GET offset parameter is concatenated into the LIMIT clause in ajax/sit_incidents.php, enabling SQL injection. This requires authentication and is exploitable via crafted requests over the network, potentially allowing a...
EUVD-2026-31313
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...
CVE-2026-48233 Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...
tickets SQL injection vulnerability
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the offset GET parameters in the ajax/sit_incidents.php file being directly concatenated...
PT-2026-42511
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, ...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fs_do_zero_range function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit is not protected by a...
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free from sit_init_net ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice if something goes wrong. Alternative would be to make ipip6_dev_free robust against multiple invocations, but...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sit_bitmap_size w/ below testcase, resize will generate a corrupted image which contains inconsistent metadata, so when mounting such image, it will trigger kernel panic: touch img truncate -s...
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to perform a sanity check on total_data_blocks. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215916 The kernel message is as follows: Kernel BUG at fs/f2fs/segment.c:2560! Call...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011394)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011394 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception from rebinding stale fnhe The sit driver's packet transmissi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013078)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013078 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception from rebinding stale fnhe The sit driver's packet transmissi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005711)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005711 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sit_bitmap_size w/ below testcase, resize will generate a corrupted...
ROS-20260220-73-0034
Vulnerability in the build_sit_entries function of the Linux operating system kernel with incorrect resource sweep or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38218)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38218 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on...
SUSE CVE-2022-50764
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit is not protected by a...
EUVD-2022-55797
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit is not protected by a...
CVE-2022-50764
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEV_STATS_INC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev->stats.tx_error concurrently. This is because sit tunnels are NETIF_F_LLTX, meaning their ndo_start_xmit is not protected by a...