278 matches found
EUVD-2025-208725
Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...
CVE-2026-25071
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
EUVD-2026-10093
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
CVE-2026-25071
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
CVE-2026-25071
CVE-2026-25071 affects XikeStor SKS8310-8X network switch firmware version 1.04.B07 and earlier. The vulnerability is a missing authentication on the /switch_config.src endpoint, allowing unauthenticated remote attackers to download device configuration files, potentially exposing sensitive VLAN ...
CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
OSV-2026-246 Use-of-uninitialized-value in printAddressingMode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=484248078 Crash type: Use-of-uninitialized-value Crash state: printAddressingMode M68KprintInst csdisasm...
CVE-2026-23103 ipvlan: Make the addrs_lock be per port
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrslock be per port Make the addrslock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. ...
CVE-2026-23085 irqchip/gic-v3-its: Avoid truncating memory addresses
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...
CVE-2025-71089
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
iommu: disable SVA when CONFIG_X86 is set
...
SUSE CVE-2025-71089
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
AZL-74330 CVE-2025-71089 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
CVE-2025-71089
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
CVE-2025-71089
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
CVE-2025-71089
CVE-2025-71089 affects the Linux kernel via IOMMU Shared Virtual Addressing (SVA). In SVA, the IOMMU can cache kernel page-table entries, so freeing a kernel page-table page and reusing it could leave stale IOMMU entries, enabling use-after-free or write-after-free scenarios that could allow loca...
CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set
In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...
CVE-2025-62820
Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network...