itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /unit/addunit.php. An attacker can exploit this...

CVE-2025-44178

DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control under its default settings. Attackers can exploit this vulnerability to gain unauthorized access to sensitive information and modify its configuration via the UPnP protocol WAN sides without any authentication...

PT-2025-34659 · Dasan · Dasan Gpon Onu H660Wm +1

Name of the Vulnerable Software and Affected Versions: DASAN GPON ONU H660WM H660WMR210825 affected versions not specified Description: DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control under its default settings. Attackers can exploit this vulnerability to gain...

PT-2025-34710 · Itsourcecode · Apartment Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Apartment Management System 1.0. The vulnerability is located in an unknown function within the /unit/addunit.php file. Manipulatio...

Linux Distros Unpatched Vulnerability : CVE-2007-3719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The process scheduler in the Linux kernel 2.6.16 gives preference to interactive processes that perform voluntary sleeps, which allows local users to cause a...

CVE-2025-57751

pyLoad is the free and open-source Download Manager written in pure Python. The jk parameter is received in pyLoad CNL Blueprint. Due to the lack of jk parameter verification, the jk parameter input by the user is directly determined as dykpy.evaljs, resulting in the server CPU being fully occupi...

CVE-2025-38675

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize stateptrs earlier in xfrmstatefind In case of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If we matched a state for CPU2 in the statecache while the look...

CVE-2025-38651

Summary: CVE-2025-38651 concerns the Linux kernel landlock component. A bug in get_id_range() could receive a non-positive value because get_random_u8() may return 0, triggering an unsafe first argument. The fix clamps the value to ensure positivity. The vulnerability was discussed in kernel-land...

CVE-2025-38625 vfio/pds: Fix missing detach_ioas op

In the Linux kernel, the following vulnerability has been resolved: vfio/pds: Fix missing detachioas op When CONFIGIOMMUFD is enabled and a device is bound to the pdsvfiopci driver, the following WARNON trace is seen and probe fails: WARNING: CPU: 0 PID: 5040 at drivers/vfio/vfiomain.c:317...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, sa...

Schneider Electric Saitel DR RTU 安全漏洞

The Schneider Electric Saitel DR RTU is a remote terminal device from Schneider Electric France. A security vulnerability exists in the Schneider Electric Saitel DR RTU that stems from improper privilege management and could lead to elevation of privilege and arbitrary code execution...

Linux Distros Unpatched Vulnerability : CVE-2017-6272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated an...

PT-2025-46597

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to Model Specific Registers MSRs access during performance monitoring. Specifically, an incorrect check in the intel pmu acr late setup helper...

CVE-2025-38594

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

CVE-2025-50897

The CVE-2025-50897 entry concerns riscv-boom SonicBOOM 1.2 (BOOMv1.2). It describes a flaw in the MMU/PMP/memory enforcement where valid virtual-to-physical translations with write permissions in SV39 can trigger a Store/AMO access fault during sd store operations, despite valid PTEs. The fault o...

CVE-2025-38525

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...