Canias ERP 加密问题漏洞

Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains a security vulnerability related to encryption. This vulnerability stems from the use of hardcoded...

CVE-2026-8192

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

CVE-2026-8188

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

EUVD-2026-28916

A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...

CVE-2026-32683

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video...

OPENSUSE-SU-2026:20709-1 Security update for tor

This update for tor fixes the following issues: Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via conflux legs boo1264342, CVE-2026-44599,TROVE-2026-008 Adjust conflux out-of-order queue accounting when...

CVE-2026-32683

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video...

CVE-2026-32683

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video...

CVE-2026-32683

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video...

CVE-2026-32683

CVE-2026-32683 affects EZVIZ products that use older cloud feature modules with legacy API interfaces. The root issue is data transmission risk due to these outdated modules, potentially allowing an attacker to eavesdrop on network requests and obtain data. The available sources describe the impa...

EUVD-2026-28907

Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video...

SUSE CVE-2026-43188

In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, movedirtyfolioinpagearray may fail because it needs to allocate bounce buffers to store the encrypted versions of each folio. Each foli...

Wavlink NU516U1 命令注入漏洞

Wavlink NU516U1 is a wireless printing server developed by Wavlink Corporation. The Wavlink NU516U1 M16U1V240425 version has a command injection vulnerability. This vulnerability arises from the operation of the wzdrepeater function in the file/cgi-bin/adm.cgi, which handles parameters such as...

PT-2026-39404

A security flaw has been discovered in Wavlink NU516U1 M16U1 V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wl Pass is directly passed by the attacker/so we can control the EncrypType/wl Pass results in os...

PT-2026-39324

Name of the Vulnerable Software and Affected Versions EZVIZ products affected versions not specified Description Certain products use outdated cloud feature modules with legacy API interfaces, creating a data transmission risk. This allows attackers to obtain data by eavesdropping on network...

Important: kernel-livepatch-5.10.252-250.1016

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

Unbreakable Enterprise kernel security update: Dirty Frag

6.12.0-201.74.2.3 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39342689 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39342689 - rxrpc: only handle RESPONSE during service challenge Wang Jie...

CVE-2026-41520

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...

CVE-2026-41520

CVE-2026-41520 affects Cilium’s bugtool output. Prior to versions 1.17.15, 1.18.9, and 1.19.3, running cilium-bugtool against deployments with WireGuard encryption can reveal sensitive data in the bug archive. The issue is addressed in the patched releases: 1.17.15, 1.18.9, and 1.19.3. The CVSS-d...

CVE-2026-41520 Cillium exposes sensitive information included in the cilium-bugtool debug archive

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. This issue has been...