ROS-20251027-01

Vulnerability in the implementation of application protocols that use the UDP protocol is related to the possibility of of spoofing attacks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted packets...

NIHON KOHDEN Central Monitor CNS-6201

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: When remote access is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987710 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skbsegmentlist Commit 3a1296a38d0c net: Support GRO/GSO fraglist chainin...

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

FreeRTOS-Plus-TCP 安全漏洞

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP that stems from a lack of validation checks in the UDP/IPv6 packet processing code, which could lead to invalid pointer dereferences...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-405540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-405540 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-394085)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-394085 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanupbearer. syzkaller reported a use-after-free o...

Planet WGR-500 swctrl OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2025-2227 Planet WGR-500 swctrl OS command injection vulnerabilities October 7, 2025 CVE Number CVE-2025-54404,CVE-2025-54403 SUMMARY Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986823 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close and udpabort Kaustubh reported and diagnosed a panic in udpliblookup...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414318 advisory. A remote denial of service vulnerability was found in the Linux kernels TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2025:14420 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: netsched: ets: Fix double list add in class with netem as child qdisc CVE-2025-37914 kernel: ice: fix eswitch code memory leak in...

EUVD-2025-29300

Malicious code in bioql PyPI...

EUVD-2025-31674

Malicious code in bioql PyPI...

EUVD-2025-26135

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of zero-copy SKB and TX timestamps in the TCP/UDP protocols, which could lead to a memory...

CVE-2025-59668

Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate...

CVE-2025-59668

Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate...

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...