Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Abort software beacon handling if disabled. A malicious USB device can send an WMISWBAEVENTID event from an ath9khtc-managed device before beaconing is enabled. This causes a device-by-zero error in the driver,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192u: Fixed a deadlock in ieee80211beaconsstop There is a deadlock in ieee80211beaconsstop, as shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 | Wai...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel versions 5.8 through 5.19.x, prior to 5.19.16, local attackers who were able to inject WLAN frames into the mac80211 stack could carry out a NULL pointer dereferencing denial-of-service attack against the beacon protection of P2P devices...

GHSA-6FPF-248C-M7WM Sliver One-Click Remote Access: Insecure CORS & Unauthenticated MCP Interface

A single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected target data e.g. SSH keys, ntds.dit or destroying the entire compromised infrastructure, entirely through the operator's own...

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

CVE-2026-26327

OpenClaw is a personal AI assistant. Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38157)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38157 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Abort software beacon...

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988707 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192e: Fix deadlock in rtllibbeaconsstop There is a deadlock in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986939 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192e: Fix deadlock in rtllibbeaconsstop There is a deadlock in...

EUVD-2022-36295

Malicious code in bioql PyPI...

EUVD-2023-47926

Malicious code in bioql PyPI...

EUVD-2024-30756

Malicious code in bioql PyPI...

SUSE CVE-2025-39864

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmpbss Following bssfree quirk introduced in commit 776b3580178f "cfg80211: track hidden SSID networks properly", adjust cfg80211updateknownbss to free the last beacon frame elements only if...

AZL-64508 CVE-2025-38157 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Abort software beacon handling if disabled A malicious USB device can send a WMISWBAEVENTID event from an ath9khtc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver...

UBUNTU-CVE-2025-38157

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Abort software beacon handling if disabled A malicious USB device can send a WMISWBAEVENTID event from an ath9khtc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver...

CVE-2021-36798

A Denial-of-Service DoS vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it...

CVE-2020-11212

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...