Lucene search

1883 matches found

Packet Storm
added 2025/07/04 12:0 a.m., 95 views

📄 AndroMouse Server 8.0 Unauthenticated Remote System Control

AndroMouse Server version 8.0 allows attackers to send UDP commands to remotely restart, shutdown, sleep, lock, or log off the target machine without authentication. This leads to unauthorized power state manipulation and potential denial of service. Exploit Title: AndroMouse Server 8.0 –...

7.5 AI score
Exploits 0
Packet Storm
added 2025/07/04 12:0 a.m., 105 views

📄 AndroMouse Server 8.0 Remote Code Execution

AndroMouse Server version 8.0 proof of concept that exploits an unauthenticated UDP interface to simulate mouse/keyboard actions and execute malicious commands via certutil. Exploit Title: AndroMouse Server 8.0 - Remote Code Execution Date: 03/07/25 Exploit Author: Chokri Hammedi Vendor Homepage:...

7.9 AI score
Exploits 0
OSV
added 2025/07/03 9:15 a.m., 1 views

DEBIAN-CVE-2025-38124

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skb_segment_list to...

5.5 CVSS, 5.5 AI score, 0.00148 EPSS
Exploits 0, References 1
OSV
added 2025/07/03 9:15 a.m., 0 views

UBUNTU-CVE-2025-38124

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skb_segment_list to...

5.5 CVSS, 6 AI score, 0.00148 EPSS
Exploits 0, References 31
CNNVD
added 2025/07/03 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of udp gso segmentation, which could lead to memory corruption...

5.5 CVSS, 6.9 AI score, 0.00148 EPSS
Exploits 0, References 6
Packet Storm
added 2025/06/30 12:0 a.m., 91 views

📄 Saturn Remote Mouse Server V1 Remote Code Execution

Saturn Remote Mouse Server V1 suffers from a remote code execution vulnerability. Exploit Title: Saturn Remote Mouse Server V1 - Remote Code Execution RCE Date: 2025-06-30 Exploit Author: tmrswrr Vendor Homepage: https://www.saturnremote.com/ Software Link:...

8.3 AI score
Exploits 0
Packet Storm
added 2025/06/30 12:0 a.m., 93 views

📄 Saturn Remote Mouse Server 1.0.4.0 Remote Code Execution

Saturn Remote Mouse Server version 1.0.4.0 exposes an unauthenticated UDP command interface port 27000 allowing remote attackers to inject keystrokes. This proof of concept demonstrates remote code execution by simulating Windows key combinations to spawn cmd.exe and execute malicious PowerShell...

8.8 AI score
Exploits 0
OSV
added 2025/06/26 12:19 p.m., 11 views

USN-7595-4 linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8 CVSS, 6.6 AI score, 0.00576 EPSS
Exploits 1, References 34
OSV
added 2025/06/25 5:18 p.m., 2 views

USN-7596-2 linux-azure-nvidia vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...

7.8 CVSS, 7.2 AI score, 0.00576 EPSS
Exploits 1, References 33
Schneier on Security
added 2025/06/23 11:4 a.m., 2 views

Largest DDoS Attack to Date

It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It...

7.2 AI score
Exploits 0
AstraLinux
added 2025/06/16 11:28 a.m., 3 views

Astra Linux - vulnerability in linux-6.12

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

4.7 CVSS, 6.3 AI score, 0.00133 EPSS
Exploits 0, References 3
AstraLinux
added 2025/06/16 11:28 a.m., 3 views

Astra Linux - vulnerability in openssl

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

6.3 CVSS, 7 AI score, 0.02357 EPSS
Exploits 0, References 3
BDU FSTEC
added 2025/06/02 12:0 a.m., 3 views

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...

10 CVSS, 6 AI score, 0.01496 EPSS
Exploits 0, References 3
SUSE Linux
added 2025/05/30 1:39 p.m., 0 views

Security update for iputils

This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300). Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCK_DGRAM on big endian systems (bsc#1243284). Patch Instructions: To...

6.5 CVSS, 6.9 AI score, 0.01344 EPSS
Exploits 1, References 6
SUSE Linux
added 2025/05/30 10:41 a.m., 1 views

Security update for iputils

This update for iputils fixes the following issues: Security fixes: CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300). Other bug fixes: Fixed incorrect IPV4 TTL value when using SOCK_DGRAM on big endian systems (bsc#1243284). Patch Instructions: To...

6.5 CVSS, 7.6 AI score, 0.01344 EPSS
Exploits 1, References 6
BDU FSTEC
added 2025/05/28 12:0 a.m., 2 views

The vulnerability of the dccp_feat_change_recv() function in the net/dccp/feat.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the dccp_feat_change_recv() function in the net/dccp/feat.c module of the Linux kernel is related to the lack of memory release after the effective lifespan has ended. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5 CVSS, 6.7 AI score, 0.00222 EPSS
Exploits 0, References 16, Affected Software 6
RedhatCVE
added 2025/05/23 4:53 a.m., 8 views

CVE-2023-20176

A vulnerability in the networking component of Cisco access point AP software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an...

8.6 CVSS, 7 AI score, 0.00653 EPSS
Exploits 0, References 1
OSV
added 2025/05/14 7:41 p.m., 3 views

CLSA-2025-1747251688 corosync: Fix of CVE-2025-30472

CVE-2025-30472: fix stack-based buffer overflow in orf_token_endian_convert by adding input validation for large UDP packets...

9.8 CVSS, 6.1 AI score, 0.00403 EPSS
Exploits 1, References 1
RedHat Linux
added 2025/05/13 4:6 p.m., 3 views

corosync: Stack buffer overflow from 'orf_token_endian_convert'

A flaw was found in Corosync. In affected versions, a stack-based buffer overflow may be triggered via a large UDP packet in configurations where encryption is disabled or if an attacker knows the encryption key. This issue can lead to an application crash or other undefined behavior...

9.8 CVSS, 6.1 AI score, 0.00403 EPSS
Exploits 1, References 7
RedHat Linux
added 2025/05/13 8:39 a.m., 3 views

corosync: Stack buffer overflow from 'orf_token_endian_convert'

A flaw was found in Corosync. In affected versions, a stack-based buffer overflow may be triggered via a large UDP packet in configurations where encryption is disabled or if an attacker knows the encryption key. This issue can lead to an application crash or other undefined behavior...

9.8 CVSS, 6.1 AI score, 0.00403 EPSS
Exploits 1, References 7