CVE-2025-26858

creationtimestamp| type| source ---|---|--- 2025-12-01 15:30:45+00:00| seen| https://infosec.place/objects/540fe5e0-813d-4691-8eba-748bb4006edc...

Socomec DIRIS Digiware M-70 Modbus TCP buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2152 Socomec DIRIS Digiware M-70 Modbus TCP buffer overflow vulnerability December 1, 2025 CVE Number CVE-2025-26858 SUMMARY A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set o...

Linux Distros Unpatched Vulnerability : CVE-2024-26858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after...

kernel security update

5.14.0-427.26.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...

BELL-CVE-2024-26858

Bulletin has no description...

CVE-2024-26858 net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadatamap Just simply reordering the functions mlx5eptpmetadatamapput and mlx5eptpsqtrackmetadata in the mlx5etxwqecomplete...

CVE-2023-26858

creationtimestamp| type| source ---|---|--- 2023-04-01 00:22:21+00:00| seen| https://t.me/cibsecurity/61283...

CVE-2023-26858

SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...

CVE-2023-26858

SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...

CVE-2023-26858

CVE-2023-26858 describes a SQL injection vulnerability in PrestaSHp faqs v.3.1.6 that allows a remote attacker to escalate privileges through the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component. The vulnerability is reflected across multiple sources (NVD, Red Hat, CVE lists, ...

CVE-2023-26858

SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...

Dell Client BIOS Multiple Vulnerabilities (DSA-2022-224)

The Dell BIOS on the remote device is missing a security patch and is, there, is affected by multiple vulnerabilities. - Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security...

CVE-2022-26858

creationtimestamp| type| source ---|---|--- 2022-09-07 00:13:40+00:00| seen| https://t.me/cibsecurity/49389...

CVE-2022-26858

Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls...

CVE-2022-26858

Dell BIOS CVE-2022-26858 is an Improper Authentication vulnerability affecting Dell BIOS versions. A locally authenticated user can potentially bypass security controls by sending malicious input to an SMI. The issue is commonly discussed alongside related BIOS vulnerabilities (DSA-2022-224) and ...

2021 Top Routinely Exploited Vulnerabilities

Summary This joint Cybersecurity Advisory CSA was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, Federal Bureau of Investigation FBI,...

Lemon Duck Cryptojacking Botnet Changes Up Tactics

The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers. That’s according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework...

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065. Microsoft will continue to monitor these threats and provide updated tools and...