CVE-2026-40434 Anviz CrossChex Standard Improper Verification of Source of a Communication Channel

Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...

CVE-2026-40434 Anviz CrossChex Standard Improper Verification of Source of a Communication Channel

Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...

CVE-2026-40434

Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...

CVE-2026-40434

CVE-2026-40434 affects Anviz CrossChex Standard and is due to improper verification of the source of a communication channel, enabling an adjacent attacker on the same network to inject TCP packets and modify or disrupt client/server traffic. The documented impact is high (I/H, A/H) with no user ...

Anviz CrossChex Standard 安全漏洞

Anviz CrossChex Standard is a centralized control software developed by Anviz Corporation in the United States, used for access control and attendance data management. Anviz CrossChex Standard has a security vulnerability. This vulnerability stems from the lack of source verification in the...

PT-2026-33503

Name of the Vulnerable Software and Affected Versions Anviz CrossChex Standard affected versions not specified Description The software lacks source verification in the client/server channel. This allows an attacker on the same network to perform TCP packet injection to alter or disrupt applicati...

Azure Linux 3.0 Security Update: wireshark (CVE-2024-8645)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8645 advisory. - SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001438 advisory. An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001445 advisory. An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check authenticity of...

CVE-2020-7464

In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12.1-RELEASE before p10, 11.4-RELEASE before p4, and 11.3-RELEASE before p14, a programming error in the ure4 device driver caused some Realtek USB Ethernet interfaces to incorrectly report packets with more than 2048 bytes in a...

CVE-2025-26379

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

CVE-2025-26379

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

CVE-2025-26379

CVE-2025-26379 concerns Johnson Controls PowerG products (IQ Panels2, 2+, IQHub, IQPanel 4). The issue is use of a cryptographically weak pseudo-random number generator, enabling an attacker to read or inject encrypted PowerG packets. Documents consistently cite the weak PRNG as the root cause an...

Exploit for Out-of-bounds Read in Openssl

--- Cybersecurity Labs Portfolio This repository contain...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2025-1261)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1261 advisory. Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file CVE-2025-5601 Tenable has extracted the preceding descripti...

Medium: wireshark

Issue Overview: Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file CVE-2025-5601 Affected Packages: wireshark Issue Correction: Run dnf update wireshark --releasever 2023.9.20251110 or dnf update --advisory...

Whisper Leak: A Side-Channel Attack on Large Language Models

Large Language Models LLMs are increasingly deployed in sensitive domains including healthcare, legal services, and confidential communications, where privacy is paramount. This paper introduces Whisper Leak, a side-channel attack that infers user prompt topics from encrypted LLM traffic by...

Astra Linux - уязвимость в wireshark

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

Astra Linux - уязвимость в wireshark

GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file...

Astra Linux - уязвимость в wireshark

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file...