CVE-2021-0198

Improper access control in the firmware for the IntelR Ethernet Network Controller E810 before version 1.5.5.6 may allow a privileged user to potentially enable a denial of service via local access...

CVE-2025-20140

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...

OESA-2025-1408 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the...

ABB多款产品 信任管理问题漏洞

ABB ASPECT and others are products of ABB Switzerland.ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A number of ABB products are vulnerable to a trust management...

Cisco Crosswork Network Controller Cross-Site Scripting Vulnerability

Cisco Crosswork Network Controller is a network controller from Cisco USA. The Cisco Crosswork Network Controller suffers from a stored cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive...

The vulnerability in the web interface of the Cisco Crosswork Network Controller (CNC) allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Crosswork Network Controller CNC management interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVE-2025-20123

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against users of the interface of an affected system. These vulnerabilities exist because the web-based...

CVE-2025-20123 Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerability

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against users of the interface of an affected system. These vulnerabilities exist because the web-based...

PT-2025-1020 · Cisco · Cisco Crosswork Network Controller

Name of the Vulnerable Software and Affected Versions: Cisco Crosswork Network Controller affected versions not specified Description: The vulnerability exists in the web-based management interface of Cisco Crosswork Network Controller due to improper validation of user-supplied input. An...

PT-2025-3178 · Aviatrix · Aviatrix Network Controller

Name of the Vulnerable Software and Affected Versions: Aviatrix Network Controller affected versions not specified Description: The issue concerns a command injection vulnerability. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

Cisco Crosswork Network Controller 跨站脚本漏洞

Cisco Crosswork Network Controller is a network controller from Cisco USA. The Cisco Crosswork Network Controller suffers from a stored cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive...

UBUNTU-CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse error or kernel crash caused by the ncsi driver failing to disable the work queue befor...

CVE-2024-20385

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator NDO could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device. This vulnerability exists because the Cisco NDO Validate Peer Certificate site management feature...

CVE-2024-20478

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

CVE-2024-20478

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

CVE-2024-20478 Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

CVE-2024-20478

Cisco APIC and Cisco Cloud Network Controller (formerly Cloud APIC) are affected by a vulnerability in the software upgrade component where insufficient signature validation of upgrade images could allow an authenticated administrator to install a modified image and achieve arbitrary code executi...

Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

January 9, 2024—KB5034129 (OS Build 20348.2227)

January 9, 2024—KB5034129 OS Build 20348.2227 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...