Oracle Linux 10 : kernel (ELSA-2025-22854)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22854 advisory. - iommu/vt-d: Disallow dirty tracking if incoherent page walk CKI Backport Bot RHEL-125482 CVE-2025-40058 - net/mlx5: fs, fix UAF in flow counter...

UBUNTU-CVE-2023-53751

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...

Linux Distros Unpatched Vulnerability : CVE-2025-40285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing...

Characterizing Large-Scale Adversarial Activities through Large-Scale Honey-Nets

The increasing sophistication of cyber threats demands novel approaches to characterize adversarial strategies, particularly those targeting critical infrastructure and IoT ecosystems. This paper presents a longitudinal analysis of attacker behavior using HoneyTrap, an adaptive honeypot framework...

Oracle Linux 9 : kernel (ELSA-2025-21112)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21112 advisory. - crypto: xts - Handle EBUSY correctly Vladis Dronov RHEL-119236 CVE-2023-53494 - ipv6: sr: Fix MAC comparison to be constant-time CKI Backport Bot...

SUSE CVE-2022-50341

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

GNUnet P2P Framework 0.26.1

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

CVE-2025-63419

Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...

PT-2025-46678

Name of the Vulnerable Software and Affected Versions CrushFTP version 11.3.6 48 Description A Cross Site Scripting XSS issue exists in CrushFTP. The web-based server’s file sharing feature reflects the filename to an email body field without proper sanitization, leading to potential HTML...

CrushFTP 安全漏洞

CrushFTP is a file transfer server from CrushFTP, Inc. A security vulnerability exists in CrushFTP version 11.3.648, which stems from the web server file sharing feature not cleaning up filenames, and could lead to cross-site scripting attacks...

CVE-2025-63419

Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...

CVE-2025-63419

Summary: CVE-2025-63419 affects CrushFTP 11.3.6_48. The web-based server’s file sharing feature reflects the filename into an emailBody field without sanitization, enabling HTML injection through an XSS vulnerability. Affected: CrushFTP Web-Based Server (CrushFTP 11.3.6_48). Impact/Notes: XSS via...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989034)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989034 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning:...

CVE-2025-34501

Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user interface, while multiple management services SSH, HTTP, Telnet, SMB, X11 are enabled by default. If an attacker can reach these interfaces - most often through local or near-local access such as...

PT-2025-44802

Name of the Vulnerable Software and Affected Versions Deck Mate 2 affected versions not specified Description Deck Mate 2 is shipped with pre-set, unchanging credentials for both the root shell and the web user interface. Multiple management services, including SSH, HTTP, Telnet, SMB, and X11, ar...

GNUnet P2P Framework 0.25.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

Microsoft Windows SMB Server Access Control Error Vulnerability

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. A security vulnerability exists in Microsoft Windows SMB Server that can be exploited by an...

CVE-2025-58726

Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

EUVD-2025-34368

Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...

Windows SMB Client Tampering Vulnerability

Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...