1052 matches found
St. Joe ERP system - SQL Injection
A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...
CVE-2025-61023
A flaw was found in virtuoso-opensource. An attacker could exploit a vulnerability in the stcompare component by sending specially crafted SQL statements. This could lead to a Denial of Service DoS, making the service unavailable to legitimate users...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Fix for iiochanspec for sensors without event detection. The stlsm6dsxaccchannels array within struct iiochanspec contains a eventspec field that is not NULL, indicating that the sensor supports IIO events...
CVE-2025-61023
An issue in the stcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
PT-2026-51542
Name of the Vulnerable Software and Affected Versions openlink virtuoso-opensource version 7.2.11 Description A flaw in the st compare component allows attackers to trigger a Denial of Service DoS by using specially crafted SQL statements. Recommendations At the moment, there is no information...
CVE-2025-61023
The CVE-2025-61023 entry concerns openlink virtuoso-opensource, specifically the st_compare component in version 7.2.11. Multiple connected sources confirm that a flaw in st_compare can be exploited by sending crafted SQL statements, resulting in a Denial of Service (DoS) that can render the serv...
CVE-2025-61023
An issue in the stcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2026-46142 net: libwx: fix VF illegal register access
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access Register WXCFGPORTST is a PF restricted register. When a VF is initialized, attempting to read this register triggers an illegal register access, which lead to a system hang. When the...
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
AI is reshaping how work gets done—and how risks emerge across cloud, data, identity, and more. Many organizations want AI-powered productivity, but their security foundations aren’t yet built for it. As organizations move toward AI-powered operating models, security becomes the critical enabler ...
Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations
AI is reshaping how work gets done—and how risks emerge across cloud, data, identity, and more. Many organizations want AI-powered productivity, but their security foundations aren’t yet built for it. As organizations move toward AI-powered operating models, security becomes the critical enabler ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fixed the use of uninitialized device structures. In various probe functions, indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when the user space writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr. Th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwork...
CVE-2026-31764
A flaw was found in the Linux kernel's stlsm6dsx Industrial I/O IIO Inertial Measurement Unit IMU driver. A local user can trigger an out-of-bounds access by writing to the buffer sampling frequency sysfs attribute. This occurs when the stlsm6dsxcheckodr function attempts to access an array with ...
CVE-2026-31764
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
CVE-2026-31764 iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
CVE-2026-31764
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...
PT-2026-36399
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the st lsm6dsx hwfifo odr store function when userspace writes to the buffer sampling frequency sysfs attribute. This function calls st lsm6dsx check od...
CLSA-2026-1776940444 perl-XML-Parser: Fix of CVE-2006-10003
CVE-2006-10003: fix off-by-one heap buffer overflow in stserialstack growth check in Expat/Expat.xs startElement; also backport upstream follow-up 2abd177 to initialize stserialstacksize=1024 after allocation...
CVE-2026-31521
In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...