Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7907-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7907-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7907-2 linux-aws-fips, linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

USN-7907-1 linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

USN-7907-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2025:4301-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4301-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: -...

Wireshark Analyzer 4.6.1

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

CVE-2025-63932

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command...

net: mctp: Don't access ifa_index when missing

...

PT-2025-45178

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module affected versions not specified Description An improper validation of specified quantity in input within the TCP Communication Function can lead to a denial-of-service DoS condition...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http Vulnerability Details CVEID:CVE-2025-4673 DESCRIPTION: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVSS...

nbd: restrict sockets to TCP and UDP

...

CVE-2025-12105

CVE-2025-12105 affects libsoup3 and is caused by a heap use-after-free in the asynchronous message queue handling during HTTP/2 read completion. When network operations are aborted at specific timing, a message queue item may be freed twice, enabling a remote attacker to trigger a denial-of-servi...

CVE-2025-12105

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...

D-Link DIR-852 HNAP1 File Command Injection Vulnerability

D-Link DIR-852 is a dual-band Gigabit wireless router from Youxun Technology, focusing on home networking solutions and supporting Xunlei remote download function. The D-Link DIR-852 suffers from a command injection vulnerability that stems from the failure of file /HNAP1/ to properly filter...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987517)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987517 advisory. In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination...

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP5) (SUSE-SU-2025:03553-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03553-1 advisory. This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc:...

CVE-2025-11617

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

Wireshark Analyzer 4.6.0

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

CVE-2025-48981

An insecure implementation of the proprietary protocol DNET in Product CGM MEDICO allows attackers within the intranet to eavesdrop and manipulate data on the protocol because encryption is optional for this connection...