5095 matches found

OSV
added 2026/02/14 4:27 p.m. | 4 views

CVE-2026-23191 ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger. The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

7.8 CVSS | 5.3 AI score | 0.00113 EPSS
Exploits: 0 | References: 6
CVE
added 2026/02/14 4:27 p.m. | 33 views

CVE-2026-23191

CVE-2026-23191 (Linux kernel — ALSA aloop) resolves a race in the aloop PCM trigger path that could cause a use-after-free when repeatedly opening/closing the tied stream. The vulnerability occurs because the trigger callback checks the PCM state and stops the tied substream outside the cable loc...

7.8 CVSS | 5.3 AI score | 0.00113 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/02/11 10:58 p.m. | 14 views

CVE-2026-20640

The CVE-2026-20640 entry describes an inconsistent user interface issue caused by improved state management in iOS/iPadOS. Affected software: iPhone with iOS and iPad with iPadOS, prior to version 26.3. Vulnerable component: user interface state management during iPhone Mirroring with a Mac, whic...

4.6 CVSS | 5.3 AI score | 0.00159 EPSS
Exploits: 0 | References: 1 | Affected Software: 2
Positive Technologies
added 2026/02/11 12:00 a.m. | 3 views

PT-2026-27527

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.7.4; macOS versions prior to 26.3. Description: A privacy issue existed due to improper handling of temporary files. This could allow an application to capture a user's screen. Recommendations: Update macOS to version...

7.8 CVSS | 5.8 AI score | 0.00281 EPSS
Exploits: 0 | References: 6
Tenable Nessus
added 2026/02/10 12:00 a.m. | 9 views

Siemens SCALANCE and RUGGEDCOM Double Free (CVE-2023-7256)

In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress calls getaddrinfo and possibly freeaddrinfo, but does not clearly indicate to the caller function whether freeaddrinfo still remains to be called after the function returns. This makes i...

9.8 CVSS | 6.7 AI score | 0.01522 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/02/10 12:00 a.m. | 4 views

Siemens SCALANCE and RUGGEDCOM NULL Pointer Dereference (CVE-2024-8006)

Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex. One of the function arguments can be a filesystem path, which normally means a directory with...

4.4 CVSS | 6.7 AI score | 0.0022 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2026/02/09 6:17 p.m. | 3 views

CVE-2026-24678 FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0...

8.7 CVSS | 5.5 AI score | 0.00467 EPSS
Exploits: 0 | References: 2
ATTACKERKB
added 2026/02/09 6:17 p.m. | 7 views

CVE-2026-24678

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0...

8.7 CVSS | 5.5 AI score | 0.00467 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2026/02/09 6:17 p.m. | 3 views

CVE-2026-24678 FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0...

8.7 CVSS | 5.6 AI score | 0.00467 EPSS
Exploits: 0 | References: 4
AlpineLinux
added 2026/02/09 6:15 p.m. | 3 views

CVE-2026-24676

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. This vulnerability is fixed in 3.22.0...

8.7 CVSS | 5.6 AI score | 0.00467 EPSS
Exploits: 0
CNNVD
added 2026/02/09 12:00 a.m. | 6 views

FreeRDP resource management error vulnerability

FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP) by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the capture thread using a freed channel callback to send sample responses after the...

8.7 CVSS | 7.1 AI score | 0.00467 EPSS
Exploits: 0 | References: 3
RedhatCVE
added 2026/02/03 9:18 a.m. | 8 views

CVE-2026-1743

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...

3.1 CVSS | 4.5 AI score | 0.00385 EPSS
Exploits: 0 | References: 1
NVD
added 2026/02/02 4:15 a.m. | 6 views

CVE-2026-1743

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...

3.1 CVSS | 0.00385 EPSS
Exploits: 0 | References: 5
Vulnrichment
added 2026/02/02 4:02 a.m. | 5 views

CVE-2026-1743 DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...

3.1 CVSS | 4.5 AI score | 0.00385 EPSS
Exploits: 0 | References: 5
CVE
added 2026/02/02 4:02 a.m. | 55 views

CVE-2026-1743

CVE-2026-1743 affects DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. The vulnerability concerns an unknown function in the Enhanced Wi‑Fi Pairing component that can be bypassed via capture‑replay from within a local network. Impact is described as partial availability loss with no confi...

3.1 CVSS | 5 AI score | 0.00385 EPSS
Exploits: 0 | References: 5
EUVD
added 2026/02/02 4:02 a.m. | 5 views

EUVD-2026-5151

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...

3.1 CVSS | 4.5 AI score | 0.00385 EPSS
Exploits: 0 | References: 5
Cvelist
added 2026/02/02 4:02 a.m. | 33 views

CVE-2026-1743 DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay

A vulnerability has been found in DJI Mavic Mini, Air, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from...

3.1 CVSS | 0.00385 EPSS
Exploits: 0 | References: 5
Positive Technologies
added 2026/02/02 12:00 a.m. | 6 views

PT-2026-5602

A vulnerability has been found in DJI Mavic Mini, Spark and Mini SE up to 01.00.0500. Affected by this vulnerability is an unknown functionality of the component Enhanced Wi-Fi Pairing. The manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within t...

3.1 CVSS | 5 AI score | 0.00385 EPSS
Exploits: 0 | References: 6
EUVD
added 2026/01/31 11:41 a.m. | 6 views

EUVD-2025-206588

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure. Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures, e.g. probe deferral...

5.7 AI score | 0.00157 EPSS
Exploits: 0 | References: 2
GithubExploit
added 2026/01/26 4:27 p.m. | 163 views

Exploit for CVE-2025-36911

ZWhisper for Linux CVE-2025-36911 WhisperPair Vulnerabilit...

7.1 CVSS | 5.9 AI score | 0.06942 EPSS
Exploits: 14