
38153 matches found

CNNVD
added 2026/05/04 12:0 a.m., 5 views

Code-Projects Gym Management System Injection Vulnerability

Code-Projects Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Gym Management System has a SQL injection vulnerability. This vulnerability arises from the handling of the 'day' parameter in the file/index.php, allowing...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00192
Exploits: 0, References: 1
CNNVD
added 2026/05/04 12:0 a.m., 6 views

MCP-RTFM Path Traversal Vulnerability

MCP-RTFM is an intelligent document generation and knowledge base construction tool developed by Ryan Joachim. Version 0.1.0 of MCP-RTFM contains a path traversal vulnerability. This vulnerability arises from the handling of the docFile parameter in the getdoccontent/readdoc/updatedoc functions...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00294
Exploits: 0, References: 1
CNNVD
added 2026/05/04 12:0 a.m., 6 views

tsMuxer Security Vulnerability

tsMuxer is a transport stream multiplexer developed by Dan’s individual developer, used for re-mixing/reusing basic streams. Versions of tsMuxer 2.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the function HevcVpsUnit::setFPS in the...

CVSS: 4.8, AI score: 5.8, EPSS: 0.00113
Exploits: 0, References: 1
Packet Storm News
added 2026/05/04 12:0 a.m., 3 views

Zero Day Attacks: Novel Behaviour or Novel Vulnerability?

Zero-day attacks pose severe cybersecurity risks due to their high success rates and stealth. Because signature-based approaches struggle to detect such attacks, building Intrusion Detection Systems (IDSs) for detecting zero-day attacks is essential. We contend that for an IDS to be effective it mu...

AI score: 5.8
Exploits: 0
CVE
added 2026/05/04 12:0 a.m., 16 views

CVE-2026-37458

CVE-2026-37458 involves FRRouting (FRR) with a missing input validation in the MP_REACH_NLRI component, affecting FRR stable/10.0 to stable/10.6. An authenticated attacker can cause a Denial of Service by sending a crafted UPDATE message. The available connected documents confirm the affected sof...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00249
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2026/05/04 12:0 a.m., 4 views

PT-2026-36779

Name of the Vulnerable Software and Affected Versions osrg GoBGP versions prior to 4.4.0 Description A remote attack can be launched against the parseRibEntry function in the pkg/packet/mrt/mrt.go file, which may lead to an integer underflow. Integer underflow occurs when an arithmetic operation...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00454
Exploits: 0, References: 20
Positive Technologies
added 2026/05/04 12:0 a.m., 7 views

PT-2026-37357

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

CVSS: 1.8, AI score: 5.8
Exploits: 0, References: 4
CNNVD
added 2026/05/04 12:0 a.m., 39 views

Calibre-Web Automated Security Vulnerability

Calibre-Web Automated is a self-hosted digital library management tool developed by CrocodileStick’s individual developer. Versions of Calibre-Web Automated prior to 4.0.6 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization in the generateauthtoken functi...

CVSS: 6.5, AI score: 6.7, EPSS: 0.00272
Exploits: 0, References: 2
Tenable Nessus
added 2026/05/04 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-7735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the compone...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00361
Exploits: 0, References: 3
AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in imagemagick

A divide-by-zero flaw was discovered in ImageMagick versions 6.9.11-57 and 7.0.10-57, located in the gem.c file. This flaw allows an attacker to submit a crafted file processed by ImageMagick, causing undefined behavior due to a division by zero. The greatest threat of this vulnerability is to...

CVSS: 5.5, AI score: 6.7, EPSS: 0.00925
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbmon: prevented division by zero in fbvideomodefromvideomode. The expression htotal vtotal can have a zero value during overflow. It is necessary to prevent division by zero, as seen in fbvartovideomode. This issue was identifie...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00223
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: fixed a memory leak in blkdevissuezeropages. The check for the fatal signal was moved before the bioalloc function, to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio...

AI score: 5.5, EPSS: 0.00168
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...

CVSS: 5.5, AI score: 6.1, EPSS: 0.00233
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 0 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbpm2fb: Avoid potential divide by zero errors In dofbioctl of fbmem.c, if cmd is FBIOPUTVSCREENINFO, var will be copied from the user. Then, the functions fbsetvar and info-fbops-fbcheckvar will be called, which might...

CVSS: 5.5, AI score: 5.3, EPSS: 0.00204
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: erofs/zmap.c: Corrected incorrect offset calculation The effective offset to be added to the length was incorrectly calculated, resulting in iomap-length being set to 0, which triggered a WARNON in iomapiterdone. This issue was...

CVSS: 5.5, AI score: 5.3, EPSS: 0.00164
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed an uninitialized value in caifseqpktsendmsg. When nrsegs equals zero in iovecfromuser, the object msg-msgiter.iov contains uninitialized stack memory, which is used in caifseqpktsendmsg. This behavior is defined in...

CVSS: 5.5, AI score: 5.6, EPSS: 0.00226
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: preventing dereferencing of ZEROSIZEPTR when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc, with ethsw-swattr.numifs as the element count. When the device reports zero...

CVSS: 5.5, AI score: 5.2, EPSS: 0.00114
Exploits: 0, References: 1
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.0.0 to 3.0.3, and 2.6.0 to 2.6.10, the Gryphon dissector could enter an infinite loop. This issue was addressed in the plugin file plugins/epan/gryphon/packet-gryphon.c by checking for a packet length of zero...

CVSS: 7.8, AI score: 6.7, EPSS: 0.03753
Exploits: 0, References: 1
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fixed an error of dividing by zero when the “wsum” is zero. When the weighted sum is zero, calculating the limit causes a division by zero error. This issue has been fixed by proceeding to the next level of processing...

AI score: 5.2, EPSS: 0.00166
Exploits: 0, References: 1
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, resulting in a buffer overread. This can allow an attacker to potentially access sensitive information or cause a denial of service at the application level...

CVSS: 9.1, AI score: 6, EPSS: 0.0042
Exploits: 0, References: 1