Cloudlog - SQL Injection

Cloudlog 2.6.15 contains a SQL injection caused by unsanitized input in oqrs.php requestform, letting attackers execute arbitrary SQL commands via stationid or callsign, exploit requires sending crafted request. id: CVE-2024-48259 info: name: Cloudlog - SQL Injection author: s4e-io severity: high...

CVE-2026-26008 EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...

CVE-2025-55705

This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. The lack of proper session management and expiration...

CVE-2025-55705 EVMAPA Insufficient Session Expiration

This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. The lack of proper session management and expiration...

CVE-2025-13346 SourceCodester Train Station Ticketing System ajax.php sql injection

A vulnerability was detected in SourceCodester Train Station Ticketing System 1.0. This affects an unknown part of the file /ajax.php?action=savestation. Performing manipulation of the argument id/station results in sql injection. The attack may be initiated remotely. The exploit is now public an...

AZL-67542 CVE-2025-39862 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix list corruption after hardware restart Since stations are recreated from scratch, all lists that wcids are added to must be cleared before calling ieee80211restarthw. Set wcid-sta = 0 for each wcid entry i...

wifi: iwlwifi: mvm: guard against invalid STA ID on removal

...

CVE-2024-48255

Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...

PT-2025-1427 · Magma · Magma

Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier Description: A Null pointer dereference issue in the Mobile Management Entity MME allows network-adjacent attackers to crash the MME via an S1AP "S1Setup Request" packet missing an expected Global eNB ID field...

Cloudlog 安全漏洞

Cloudlog is a self-hosted PHP application by the individual developer Peter Goodhall. Allows logging of amateur radio contacts from anywhere. A security vulnerability exists in Cloudlog version 2.6.15 that stems from allowing SQL injection via the stationid parameter of Oqrs.php getstationinfo...

Cloudlog 安全漏洞

Cloudlog is a self-hosted PHP application by the individual developer Peter Goodhall. Allows logging of amateur radio contacts from anywhere. A security vulnerability exists in Cloudlog version 2.6.15, which stems from the stationid parameter in the requestform function of the Oqrs.php page...

kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal

An out-of-bounds memory access flaw was found in the Linux kernel’s Wireless WiFi Link Next-Gen AGN driver in how a user removes it. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal

An out-of-bounds memory access flaw was found in the Linux kernel’s Wireless WiFi Link Next-Gen AGN driver in how a user removes it. This flaw allows a local user to crash or potentially escalate their privileges on the system...

SUSE CVE-2024-36921

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwlmvmmldrmstaid as that would result in out-of-bounds array accesses. This prevents issues should the driver get into a bad state...

DEBIAN-CVE-2024-36921

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwlmvmmldrmstaid as that would result in out-of-bounds array accesses. This prevents issues should the driver get into a bad state...

AZL-57558 CVE-2024-36921 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwlmvmmldrmstaid as that would result in out-of-bounds array accesses. This prevents issues should the driver get into a bad state...

UBUNTU-CVE-2024-36921

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwlmvmmldrmstaid as that would result in out-of-bounds array accesses. This prevents issues should the driver get into a bad state...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an invalid STA ID on wifi:iwlwifi:mvm module removal...