CVE-2025-15543

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

CVE-2025-15543

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

AZL-75770 CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

EUVD-2025-206534

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

CVE-2025-15543 Read-Only Root Access via USB Storage Device in TP-Link VX800v

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

CVE-2025-15543

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

CVE-2026-24054

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

EUVD-2026-4958

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions when the container image is malformed or contains no layers. An attacker can cause service disruption and induce filesystem errors by supplying a specially crafted container image...

CVE-2026-25067 SmarterTools SmarterMail < Build 9518 Unauthenticated background-of-the-day Path Coercion

SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation. On Windows systems, this allows U...

PT-2026-5322

Name of the Vulnerable Software and Affected Versions VX800v version 1.0 Description A flaw exists in the USB HTTP access path that results in improper link resolution. This allows a specially crafted USB device to reveal the root filesystem contents, granting an attacker with physical access...

GHSA-F72R-2H5J-7639 SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal

File Read Interface Case Bypass Vulnerability Vulnerability Name File Read Interface Case Bypass Vulnerability Overview The /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can...

SUSE CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

Security update for nodejs22

This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005169 advisory. In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemapread If the caller supplies an iocb-kipos value that is...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005157 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after removeprocentry. syzbot reported a warning in bcmrelease. 0...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005114 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfsbtnodecreateblock Syzbot reported that a buffer state...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005033)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005033 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005097 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel B...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005094 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fsbuildfaultattr - It missed to check validation of...