1047 matches found
CVE-2025-61023
A flaw was found in virtuoso-opensource. An attacker could exploit a vulnerability in the stcompare component by sending specially crafted SQL statements. This could lead to a Denial of Service DoS, making the service unavailable to legitimate users...
St. Joe ERP system - SQL Injection
A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...
CVE-2025-61023
The CVE describes a vulnerability in the st_compare component of OpenLink Virtuoso Open-Source 7.2.11 that can allow a Denial of Service via crafted SQL statements. The affected product is Virtuoso Open-Source; the vulnerable component is st_compare. The root cause is not elaborated beyond the co...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when the user space writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr. Th...
CVE-2026-46142 net: libwx: fix VF illegal register access
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access Register WXCFGPORTST is a PF restricted register. When a VF is initialized, attempting to read this register triggers an illegal register access, which lead to a system hang. When the...
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
AI is reshaping how work gets done—and how risks emerge across cloud, data, identity, and more. Many organizations want AI-powered productivity, but their security foundations aren’t yet built for it. As organizations move toward AI-powered operating models, security becomes the critical enabler ...
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
AI is reshaping how work gets done—and how risks emerge across cloud, data, identity, and more. Many organizations want AI-powered productivity, but their security foundations aren’t yet built for it. As organizations move toward AI-powered operating models, security becomes the critical enabler ...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwork...
CVE-2026-31764
A flaw was found in the Linux kernel's stlsm6dsx Industrial I/O IIO Inertial Measurement Unit IMU driver. A local user can trigger an out-of-bounds access by writing to the buffer sampling frequency sysfs attribute. This occurs when the stlsm6dsxcheckodr function attempts to access an array with ...
CVE-2026-31764
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
CVE-2026-31764 iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
CVE-2026-31764
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
PT-2026-36399
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the st lsm6dsx hwfifo odr store function when userspace writes to the buffer sampling frequency sysfs attribute. This function calls st lsm6dsx check od...
CLSA-2026-1776940444 perl-XML-Parser: Fix of CVE-2006-10003
CVE-2006-10003: fix off-by-one heap buffer overflow in stserialstack growth check in Expat/Expat.xs startElement; also backport upstream follow-up 2abd177 to initialize stserialstacksize=1024 after allocation...
CVE-2026-31521
In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...
Malicious code in st-payment (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5bcf8605142a71ab3977537d339f48dfc102fcb49ce37c8f6b74c6b8af38988d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Debian dla-4522 : libxml-parser-perl - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4522 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4522-1 [email protected]...
OPENSUSE-SU-2026:20459-1 Security update for perl-XML-Parser
This update for perl-XML-Parser fixes the following issues: - CVE-2006-10002: heap buffer overflow in parsestream when processing UTF-8 input streams bsc1259901. - CVE-2006-10003: off-by-one heap buffer overflow in stserialstack bsc1259902...
EUVD-2026-13590
A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adminsinglestudentupdate.php. This manipulation of the argument stname causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
...