KeySight RF - smsRestoreDatabaseZip UNC path to Remote Code Execution

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

PT-2026-51577

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2026.5.3 Description The LocationSensorManager BroadcastReceiver is exported without requiring permissions. This allows any installed application on the device, regardless of its runtime permissions, to send a...

Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows

Secure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fixed streaming cleanup upon release. The current implementation mxcisivideocleanupstreaming in mxcisivideorelease. This can lead to situations where any release call such as from a simple v4l2-ctl -l may...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: Handling failures in registering sensors with a thermal zone correctly. If an attempt is made to register a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This c...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: The second sensor, hi3660, was removed. The commit 74c8e6bffbe1 “driver core: Add allocsize hint to devm allocators” exposes a panic “BRK handler: Fatal exception” during the hi3660thermalprobe function. Thi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fixed the dereference of ERRPTR in mlx90635probe. When devmregmapiniti2c fails, regmapee can be an error pointer. Instead of checking ISERRregmapee, regmap is checked, which seems like a copy-paste err...

Astra Linux – Vulnerability in Chromium

Before version 92.0.4515.107, using "use after free" in sensor handling in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved handling of caches. This issue has been fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, and watchOS 26. It is possible for a website to access sensor information without user consent...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “ice”: fixed the devlink reload call trace. The commit 4da71a77fc3b “ice: read internal temperature sensor” introduced the use of the internal temperature sensor via HWMON. The functions icehwmoninit and icehwmonexit were added t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: In the readstring function, the sensor index is checked. This prevents potential invalid memory accesses when the requested sensor is not found. findecsensorindex may return a negative value e.g., -ENOENT, but its result w...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: macsmc Fixed regressions in the Apple Silicon SMC hwmon driver. The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fixed overflows in the compensate functions. There are cases in the compensate functions of the driver where overflows of variables may occur due to bit shifting operations. These issues were initially...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fixed the issue of NULL pointer dereferencing during SSDB/PLD parsing. When the functions ipubridgeparserotation and ipubridgeparseorientation are executed, sensor-adev is not set yet. Therefore, if either of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than are present in the FIFO. The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fixed a deadlock caused by concurrent flag access. The threaded IRQ function in this driver reads the flag twice: once to lock a mutex and once to unlock it. Although the code that sets the flag is designed t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that can ultimately be read by user space, it is necessary to ensure that the buffer is zeroed...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: Ignoring non-functional sensors in the HP 5MP Camera The HP 5MP Camera USB ID 0408:5473 reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iioinfo causes the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The “sample” local struct is used to push data to user space from a triggered buffer. However, there is a flaw in the structure, specifically between the temperatur...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed a use-after-free issue in the hidishtpclremove function. During the rmmod operation for the intelishtphid driver, a use-after-free issue can occur in the hidishtpclremove function. The function...