12955 matches found
K000161837: Out-of-band Security Notification (July 15, 2026)
Security Advisory Description On July 15, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. Article CVE|...
CVE-2026-59886 pyasn1: Uncontrolled resource consumption when converting decoded REAL values
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...
CVE-2026-53364
A flaw was found in the Linux kernel's Bluetooth Host Controller Interface HCI connection handling. The hcilebigterminate function, which is responsible for terminating Bluetooth connections, allocates memory but fails to free it under specific conditions when certain flags are not set. This memo...
CVE-2026-53364 Bluetooth: hci_conn: Fix memory leak in hci_le_big_terminate()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leak in hcilebigterminate hcilebigterminate allocates isolistdata via kzallocobj but returns 0 without freeing it when neither pasyncterm nor bigsyncterm flags are set after evaluating the PA and BI...
CVE-2026-53364
The CVE-2026-53364 entry concerns the Linux kernel Bluetooth HCI subsystem. A memory leak in hci_le_big_terminate() occurs when iso_list_data allocated via kzalloc_obj is not freed on an early return path after evaluating PA/BIG sync state (neither pa_sync_term nor big_sync_term flags set). This ...
PT-2026-57836
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Bluetooth component within the hci le big terminate function. The issue occurs when the function allocates iso list data using kzalloc obj but returns 0 witho...
F5 iControl REST - Remote Command Execution
F5 iControl REST interface is susceptible to remote command execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. This affects BIG-IP 16.0.x before 16.0.1.1, 15.1.x before...
FTP Fetch, Linux Execute Command
Fetch and execute an MIPSBE payload from an FTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes. Module Options msf use payload/cmd/linux/ftp/mipsbe/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf...
FTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from an FTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/ftp/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...
FTP Fetch
Fetch and execute an MIPSBE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
FTP Fetch
Fetch and execute an MIPSBE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/mipsbe/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and s...
FTP Fetch, Linux Reboot
Fetch and execute an MIPSBE payload from an FTP server. A very small shellcode for rebooting the system. This payload is sometimes helpful for testing purposes or executing other payloads that rely on initial startup procedures. Requires CAPSYSBOOT privileges. Module Options msf use...
FTP Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSBE payload from an FTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/ftp/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
FTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSBE payload from an FTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/ftp/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
FTP Fetch, Reverse TCP Stager
Fetch and execute an MIPSBE payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/ftp/mipsbe/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
FTP Fetch, Linux ARM Big Endian Command Shell, Bind TCP Inline
Fetch and execute an ARMBE payload from an FTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/ftp/armbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...sh...
FTP Fetch
Fetch and execute an ARMBE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/armbe/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...
FTP Fetch
Fetch and execute an ARMBE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/armbe/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and set...
A Majority of European Lawmakers Voted Against Letting Big Tech Read Our Messages. They’re Going to Anyway
Companies will once again be allowed to scan citizens’ personal texts, emails, and social media messages via the “Chat Control” bill to find child abuse material online...
mariadb: MariaDB server: SQL injection vulnerability via improper handling of big5 character set with mysql_real_escape_string()
A flaw was found in MariaDB server. An application processing non-validated user input, which then uses mysqlrealescapestring and sends data to the database via text protocol with the big5 character set, is vulnerable to SQL injection. This allows a remote attacker to execute malicious SQL...