Vuldb Updates

A vulnerability classified as problematic has been found in OpenEMR up to 7.x. This affects an unknown part. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2026-25743. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in OpenSIPS up to 3.6.3. The affected element is the function jwt_db_authorize of the file modules/auth_jwt/authorize.c of the component JWT Handler. The manipulation results in sql injection. This vulnerability is identified as CVE-2026-25554. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability classified as critical has been found in Linksys MR9600 and MX4200. This impacts an unknown function of the component Firewall Rule Handler. Performing a manipulation results in improper access controls. This vulnerability is cataloged as CVE-2026-27850. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.1.1. It has been classified as critical. The affected element is the function fake_init of the component vme. Performing a manipulation results in null pointer dereference. This vulnerability is known as CVE-2022-50538. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.2.2. Affected by this vulnerability is the function dm_resume. The manipulation results in infinite loop. This vulnerability is identified as CVE-2022-50535. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6f226ffe4458ea3b8c33287cb8c86f87dc198dce. Impacted is the function sock_put. Executing a manipulation can lead to use after free. This vulnerability is tracked as CVE-2022-50536. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.10.162/5.15.85/6.0.15/6.1.1. It has been rated as critical. Affected by this vulnerability is the function rpi_firmware_probe. This manipulation causes memory leak. This vulnerability is handled as CVE-2022-50537. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 5.4.228/5.10.162/5.15.85/6.0.15/6.1.1 and classified as critical. The impacted element is the function mpt3sas_transport_port_add. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-50532. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.3. This affects the function __open_metadata. Executing a manipulation can lead to infinite loop. This vulnerability is tracked as CVE-2022-50534. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.0.15/6.1.1 and classified as critical. This impacts the function ap_mld_addr of the component wifi. Performing a manipulation results in null pointer dereference. This vulnerability is known as CVE-2022-50533. Attacking locally is a requirement. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.0.5. It has been rated as critical. The impacted element is the function blk_mq_clear_rq_mapping. Performing a manipulation results in null pointer dereference. This vulnerability is identified as CVE-2022-50530. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.1. Affected is the function test_firmware_init. The manipulation results in memory leak. This vulnerability is cataloged as CVE-2022-50529. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability classified as critical has been found in Linux Kernel up to 4.19.263/5.4.220/5.10.151/5.15.75/6.0.5. Impacted is the function tipc_topsrv_kern_subscr in the library lib/iov_iter.c of the component tipc. The manipulation leads to information disclosure. This vulnerability is documented as CVE-2022-50531. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.15.85/6.0.15/6.1.1. This vulnerability affects the function _gpuvm_import_dmabuf. Performing a manipulation results in memory leak. This vulnerability is cataloged as CVE-2022-50528. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Totolink X6000R 9.4.0cu.852_B20230719. Impacted is the function sub_4119A0 of the file shttpd. Performing a manipulation results in os command injection. This vulnerability is reported as CVE-2023-48812. The attacker must have access to the local network to execute the attack. No exploit exists.

A vulnerability was found in Totolink X6000R 9.4.0cu.852_B20230719. It has been classified as critical. Impacted is the function sub_4119A0 of the file shttpd. This manipulation causes os command injection. The identification of this vulnerability is CVE-2023-48810. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Totolink X6000R 9.4.0cu.852_B20230719. It has been declared as critical. The affected element is the function sub_4119A0 of the file shttpd. Such manipulation leads to os command injection. This vulnerability is referenced as CVE-2023-48811. The attack needs to be initiated within the local network. No exploit is available.

A vulnerability was found in Senayan SLiMS 9.6.1. It has been rated as critical. Impacted is an unknown function of the file admin/modules/reporting/customs/fines_report.php. Performing a manipulation results in sql injection. This vulnerability was named CVE-2023-48813. The attack needs to be approached within the local network. There is no available exploit.

A vulnerability, which was classified as critical, was found in Totolink X6000R 9.4.0cu.852_B20230719. This affects the function sub_4119A0 of the file shttpd. Executing a manipulation can lead to os command injection. This vulnerability is handled as CVE-2023-48807. The attack can only be done within the local network. There is not any exploit available.

A vulnerability was found in Totolink X6000R 9.4.0cu.852_B20230719 and classified as critical. This issue affects the function sub_4119A0 of the file shttpd. The manipulation results in os command injection. This vulnerability was named CVE-2023-48808. The attack needs to be approached within the local network. There is no available exploit.