CERTFR-2026-ALE-002

creationtimestamp| type| source ---|---|--- 2026-02-26 14:39:40+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mfrgfmqiah2k...

CERTFR-2025-ALE-014

creationtimestamp| type| source ---|---|--- 2025-12-05 10:25:20+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115666473271240932...

CERTFR-2025-ALE-012

creationtimestamp| type| source ---|---|--- 2025-08-26 14:27:17+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115095531158127870 2025-12-05 10:11:20+00:00| patched|...

CERTFR-2024-ALE-013

creationtimestamp| type| source ---|---|--- 2025-03-11 20:37:58+00:00| seen| https://vulnerability.circl.lu/bundle/11268897-8798-4ec2-bcac-b23fe0715823...

CERTFR-2022-ALE-004

creationtimestamp| type| source ---|---|--- 2025-01-29 16:42:35+00:00| seen| https://bsky.app/profile/tuxpanik.bsky.social/post/3lgvfzm5n3c27...

CERTFR-2019-ALE-009

creationtimestamp| type| source ---|---|--- 2025-01-29 16:30:18+00:00| seen| https://bsky.app/profile/tuxpanik.bsky.social/post/3lgvfdmifgf2q...

CERTFR-2017-ALE-002

creationtimestamp| type| source ---|---|--- 2025-01-29 16:20:13+00:00| seen| https://bsky.app/profile/tuxpanik.bsky.social/post/3lgverlo5rc24...

LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context

...

CVE-2024-50111 LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if doale triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case doale may call getuser which may cause sleep. Then we will get: BU...

PT-2024-33944

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: The issue is related to the Linux kernel, specifically the LoongArch architecture, where an unaligned access exception can be triggered in an irq-enabled context, such as user mode. This can...

CVE-2024-29150

An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8NOE-R300.1.40.12.4180 and SIP deskphones through 86x8SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in locations that are...

CVE-2024-29149

An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8NOE-R300.1.40.12.4180 and SIP deskphones through 86x8SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malicious firmwar...

Alcatel-Lucent ALE NOE 安全漏洞

The Alcatel-Lucent ALE NOE is a desktop phone from Alcatel-Lucent. A security vulnerability exists in Alcatel-Lucent ALE NOE versions 86x8NOE-R300.1.40.07.4140, 86x8SIP-R200.1.01.10.728, which stems from a security issue at check time, which could allow an authenticated attacker to replace the...

Alcatel-Lucent ALE NOE 安全漏洞

The Alcatel-Lucent ALE NOE is a desktop phone from Alcatel-Lucent. A security vulnerability exists in Alcatel-Lucent ALE NOE versions 86x8NOE-R300.1.40.07.4140, 86x8SIP-R200.1.01.10.728, which stems from improper privilege management and allows an authenticated attacker to create symbolic links t...

CVE-2020-7119

A vulnerability exists in the Aruba Analytics and Location Engine ALE web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user...

Design/Logic Flaw

A vulnerability exists in the Aruba Analytics and Location Engine ALE web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user...

CVE-2020-7119

A vulnerability exists in the Aruba Analytics and Location Engine ALE web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user...

CVE-2020-7119

The vulnerability CVE-2020-7119 affects Aruba Analytics and Location Engine (ALE) web management interface versions up to 2.1.0.2. An authenticated administrative user can arbitrarily modify files as the underlying privileged OS user, indicating an privilege-escalation within the web interface. A...

ale-heavylift.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1126516 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

CVE-2019-14260

On the Alcatel-Lucent Enterprise ALE 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection missing input validation issue in the password change field for the Change Password interface allows an authenticated remote attacker in the same network to trigger OS commands...