DEBIAN-CVE-2025-38696

In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stacktop for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling stacktop, it will derefence the NULL ABI pointer...

UBUNTU-CVE-2025-38696

In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stacktop for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling stacktop, it will derefence the NULL ABI pointer...

CVE-2025-38696

CVE-2025-38696 (Linux kernel, MIPS) : The issue occurs in stack_top() for tasks without an ABI or vDSO mapping (e.g., kthreads). If such a task calls stack_top(), it can dereference a NULL ABI pointer and crash. Affected area is the MIPS support in the Linux kernel; the advisory notes the crash c...

CVE-2025-38696 MIPS: Don't crash in stack_top() for tasks without ABI or vDSO

In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stacktop for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling stacktop, it will derefence the NULL ABI pointer...

CVE-2025-38696 MIPS: Don't crash in stack_top() for tasks without ABI or vDSO

In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stacktop for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling stacktop, it will derefence the NULL ABI pointer...

Samsung MagicINFO Server Installed (Windows)

Binary data samsungmagicinfowininstalled.nbin...

Systematic Timing Leakage Analysis of NIST PQDSS Candidates: Tooling and Lessons Learned

The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically relies on software implementations that follow constant-time...

Fedora 41 : exiv2 (2025-e1ae3d4ed9)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e1ae3d4ed9 advisory. Exiv2 0.28.6 + patch to fix silent abi breakage ---- Exiv2 v0.28.6 Fixes two low severity CVEs Tenable has extracted the preceding description block...

Libssh: write beyond bounds in binary to base64 conversion functions

...

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

...

CVE-2025-57777 Out Of Bounds Write in displ2.dll when parsing a DSB file with Digilent DASYLab

There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. Th...

CVE-2024-48705

Wavlink AC1200 with firmware versions M32A3V1410230602 and M32A3V1410240222 are vulnerable to a post-authentication command injection while resetting the password. This vulnerability is specifically found within the "setsysadm" function of the "adm.cgi" binary, and is due to improper santization ...

Linux Distros Unpatched Vulnerability : CVE-2019-9076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocatio...

Linux Distros Unpatched Vulnerability : CVE-2024-23947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an...

Yii Framework Installed (Linux / Unix)

Binary data yiiframeworknixinstalled.nbin...

CVE-2025-9586

A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wirelessdevicedissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available...

CVE-2025-9583

A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function pingconfig of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...

CVE-2025-55582

D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script mydlink-watch-dog.sh, which blindly respawns binaries such as dcp and signalc without verifying integrity, authenticity, or permissions. An attacker with local filesystem access via physical access, firmware...

CVE-2009-20011 ContentKeeper Web Appliance < 125.10 RCE via mimencode

ContentKeeper Web Appliance now maintained by Impero Software versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenticated attackers to upload and execute arbitrary scripts as t...

Virtual Reality, Real Problems: a Longitudinal Security Analysis of VR Firmware

Virtual Reality VR technology is rapidly growing in recent years. VR devices such as Meta Quest 3 utilize numerous sensors to collect users' data to provide an immersive experience. Due to the extensive data collection and the immersive nature, the security of VR devices is paramount. Leading VR...