Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copyfromkernelnofault to read from an unsafe address. Reading from an unsafe address using copyfromkernelnofault in archadjustkprobeaddr is allowed because this function is called before checking whether the...

Admidio has a Second-Order SQL Injection via List Configuration (lsc_special_field, lsc_sort, lsc_filter)

Summary The MyList configuration feature in Admidio allows authenticated users to define custom list column layouts. User-supplied column names, sort directions, and filter conditions are stored in the admlistcolumns table via prepared statements safe storage, but are later read back and...

Admidio has a Second-Order SQL Injection via List Configuration (lsc_special_field, lsc_sort, lsc_filter)

The MyList configuration feature in Admidio allows authenticated users to define custom list column layouts. User-supplied column names, sort directions, and filter conditions are stored in the admlistcolumns table via prepared statements safe storage, but are later read back and interpolated...

PT-2026-25865

Summary The MyList configuration feature in Admidio allows authenticated users to define custom list column layouts. User-supplied column names, sort directions, and filter conditions are stored in the adm list columns table via prepared statements safe storage, but are later read back and...

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crash...

Silicon Labs Gecko Bootloader Input Validation Error Vulnerability

Silicon Labs Gecko Bootloader is a bootloader from Silicon Labs, Inc. A security vulnerability exists in Silicon Labs Gecko Bootloader version 4.3.1 and prior versions that originated from allowing unrestricted memory access while reading or writing to a memory slot...

OESA-2021-1214 rust security update

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Security Fixes: In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided...

PT-2021-17971 · Rust +6 · Rust +6

Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.50.0 Description: The issue arises from the read to end function in the standard library not validating the return value from Read in an unsafe context, potentially leading to a buffer overflow. Recommendations: For...