CVE-2026-41036

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

CVE-2025-69755

An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the atcommand.asp interface...

CVE-2025-69755

An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the atcommand.asp interface...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to view the data of kernel pages by providing a larger insize value in struct croseccommand1 when invoking EC host commands. This issue can be fixed b...

[SECURITY] Fedora 42 Update: GitPython-3.1.50-1.fc42

GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. It provides abstractions of git objects for easy access of repository data, a nd additionally allows you to access the git repository more directly using eith er a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013603 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should...

EUVD-2026-24077

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011040)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011040 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should...

CVE-2026-31861

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to childprocess.exec. The...

Frigate security vulnerabilities

Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 2.02 of Frigate contains a security vulnerability, which stems from the command-line interface accepting excessively large inputs, potentially causing the application t...

CVE-2026-0786 ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw...

SUSE CVE-2022-50726

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2022-50726

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2022-50726

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2022-50726 net/mlx5: Fix possible use-after-free in async command interface

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2022-50726

In CVE-2022-50726, the Linux kernel mlx5 async command interface had a use-after-free caused by a race between mlx5_cmd_cleanup_async_ctx and mlx5_cmd_exec_cb_handler. The patch fixes this by using a completion object and completing when num_inflight reaches 0, ensuring cleanup only after all in-...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the existence of post-release reuse of the asynchronous command interface...

CVE-2025-26787

An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate access to the initial startup of the container sets a property of "allowany" to allow any user with a valid and trusted client auth...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989638 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix tag leaks on error In pm8001chipsetdevstatereq, pm8001chipfwflashupdatereq,...

Ericsson RAN Compute和Ericsson Site Controller 6610 安全漏洞

Ericsson RAN Compute and Ericsson Site Controller 6610 are both products of Ericsson, a Swedish company.Ericsson RAN Compute is a cloud-native software solution for handling computing functions in a RAN.Ericsson Site Controller 6610 is an intelligent power management controller for site...