859 matches found
JLSEC-2026-394
When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the...
CVE-2026-31512 Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2capecreddatarcv l2capecreddatarcv reads the SDU length field from skb-data using getunalignedle16 without first verifying that skb contains at least...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from l2capecreddatarcv not verifying the PDU length before reading the SDU length, potentially leading...
CVE-2026-35516
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...
PT-2026-30864
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...
EUVD-2026-19337
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
CVE-2026-21381 Buffer Over-read in WLAN Firmware
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
CVE-2026-21381
CVE-2026-21381 is described in connected records as a buffer over-read in WLAN firmware causing a transient denial-of-service when a service data frame with excessive length is processed during device matching over a neighborhood awareness network protocol. This CVE is associated with WLAN firmwa...
CVE-2026-21381 Buffer Over-read in WLAN Firmware
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
EUVD-2026-19199
In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ulemandatoryexthandlers and uleoptionalexthandlers tables in handleoneuleextension are declared with 255 elements valid indices 0-254, but the index htype is deriv...
CVE-2026-31405
In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ulemandatoryexthandlers and uleoptionalexthandlers tables in handleoneuleextension are declared with 255 elements valid indices 0-254, but the index htype is deriv...
CVE-2026-31405
CVE-2026-31405 : Linux kernel media/dvb-net vulnerability — OOB read in ULE extension header tables due to 255-element lookup arrays; bounds check added for htype to ensure out-of-range SNDU is discarded. This resolves a kernel-wide issue and is reflected in OSV advisories (e.g., Root: Debian 11/...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the reception of service data frames with excessively long lengths during device matching via Neighbor Discovery protocol...
EUVD-2026-15025
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used...
PT-2026-27518
An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used...
ROS-20260306-73-0006
A vulnerability in the kernfsshoulddrainopenfiles function of the kernfs component of the Linux kernel is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to disclose protected information...
CVE-2025-69247
free5GC go-upf is the User Plane Function UPF implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow CWE-122 vulnerability leading to Denial of Service. Remote attackers can crash the UPF network element by sending a specially...
ROS-20260128-73-0026
A vulnerability in the drivers/platform/chrome/crosecchardev.c module of the Linux kernel is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to disclose protected information...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38304)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38304 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on...
CVE-2026-21925
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...