Author: Cyberthreat Blog

In libsamplerate before 1.0.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file.

A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0.

A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592.

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in...

Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter in...