CVE-2026-10187 Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

CVE-2026-9395

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...

PT-2026-39455

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: do not free the NULL coalescing rule. If parsing fails, we can dereference a NULL pointer here...

CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

CVE-2025-71224

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rxnosta when interface is not joined ieee80211ocbrxnosta assumes a valid channel context, which is only present after JOINOCB. RX may run before JOINOCB is executed, in which case the OCB interface is no...

CVE-2025-53966

An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message...

PT-2026-1324

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1480 Samsung Mobile Processor Exynos 2400 Samsung Mobile Processor Exynos 1580 Description An improper handling of the NL80211 vendor command results in a buffer overflow whe...

PT-2026-27701

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc2 Description The Linux kernel contains a use-after-free error within the cfg80211 shutdown all interfaces function. This issue occurs because the rfkill block work is not cancelled during wiphy...

CVE-2023-53641 wifi: ath9k: hif_usb: fix memory leak of remain_skbs

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used exclusively in ath9khifusbrxstream. It is implied that an allocated remainskb is processed and subsequently freed in error paths only durin...

EUVD-2017-6396

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986755 advisory. In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211stopap when switch from P2PGO type If the userspace tools switch from...

CVE-2025-10359

A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub404DBC of the file /cgi-bin/wireless.cgi. The manipulation of the argument macAddr results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor wa...

CVE-2025-38291 wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash Currently, we encounter the following kernel call trace when a firmware crash occurs. This happens because the host sends WMI commands to the firmware...

PT-2025-8779 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for the issue described Description: A specific error path in probe functions in wilc drivers can lead to a kernel panic. This issue is due to a recent change decoupling wiphy...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption that can occur when stopping the WLAN interface after processing WMI commands from the interface...

UBUNTU-CVE-2024-27410

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an overwrite of data i...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets, which is caused by a memory corruption in the wireless interface layer when sending an SMS or writing an SMS to a SIM...

kernel: wifi: mac80211: fix memory leak in ieee80211_if_add()

No description is available for this CVE...

kernel: wifi: ath11k: fix memory leak in WMI firmware stats

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11kfwstatsfree function before hardware unregister. While at i...