1893 matches found
BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery
Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...
Malicious code in speed5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eec0d2d56f1e9730af8b7f3a7b8897e86491d48663f7b09ae7c716f6b3c0092 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...
CVE-2026-10668
The CVE describes a DoS in the Nuvoton NuMaker HSUSBD UDC driver (udc_numaker.c): the control Data IN is armed unconditionally, and since the hardware cannot disarm a previously armed IN, a host can repeatedly cancel and re-SETUP, wedge the control endpoint, and cause the device to refuse further...
AlmaLinux 9 : kernel update (High) (ALSA-2026:36645)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:36645 advisory. kernel: eventpoll: defer struct eventpoll free to RCU grace period CVE-2026-43074 kernel: eventpoll: fix epremove struct eventpoll / struct file UAF...
Important: Red Hat Security Advisory: kernel update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
[SECURITY] Fedora 43 Update: betterleaks-1.6.0-1.fc43
A Better Secrets Scanner built for configurability and speed...
[SECURITY] Fedora 44 Update: betterleaks-1.6.0-1.fc44
A Better Secrets Scanner built for configurability and speed...
Important: kernel update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eventpoll: defer struct eventpoll free to RCU grace period CVE-2026-43074 kernel: eventpoll: fix epremove struct eventpoll / struct file UAF CVE-2026-46242 kernel: Linux kernel: netfilter...
ALSA-2026:36645 Important: kernel update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: eventpoll: defer struct eventpoll free to RCU grace period CVE-2026-43074 kernel: eventpoll: fix epremove struct eventpoll / struct file UAF CVE-2026-46242 kernel: Linux kernel: netfilter...
SUSE-SU-2026:2777-1 Security update for cryptsetup, s390-tools
This update for cryptsetup, s390-tools fixes the following issue Security fixes: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270185. Changes for s390-tools: - Upgrade s390-tools to version 2.41.0 jscPED-15860 - Automatically set...
EUVD-2026-40013
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...
CVE-2026-13516
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...
OPENSUSE-SU-2026:21074-1 Security update for loupe
This update for loupe fixes the following issue - CVE-2025-58160: tracing-subscriber: untrusted input containing ANSI escape sequences can lead to terminal manipulation bsc1249009. Changes for loupe: - Update to version 48.2: - Check if the is-hidden property is available before reading it. -...
CVE-2026-56272
Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...
CVE-2026-51846
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...
CVE-2026-51846
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...
EUVD-2026-38052
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...
PT-2026-50969
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...
CVE-2026-51846
CVE-2026-51846 affects Tenda AC7 v15.03.06.44. The vulnerability is a stack buffer overflow in the WAN speed parameter (wanSpeed) of the /goform/AdvSetMacMtuWan route, leading to remote arbitrary code execution. Affected component is the WAN configuration endpoint; root cause is improper handling...
ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
A detailed ESET MDR vs Sophos MDR comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose...