CVE-2026-36615

Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 is affected by CVE-2026-36615 due to an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network. The issue stems from exposure of internal data to nearby devices wit...

RockyLinux 10 : libssh (RLSA-2026:18160)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18160 advisory. libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 libssh: Improper sanitation of paths received from SCP servers CVE-2026-0964...

PT-2026-45902

ipmi-oem in FreeIPMI before 1.16.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

Security update for vorbis-tools (moderate)

openSUSE security update: security update for vorbis-tools ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20891-1 Rating: moderate References: bsc1265361 Cross-References: CVE-2026-34253 CVSS scores: CVE-2026-34253 SUSE : 3.3...

VulnCheck KEV: CVE-2021-27137

DD-WRT.UPNP.CVE-2021-27137.uuid.Buffer.Overflow...

MiracleLinux 8 : kernel-4.18.0-553.126.1.el8_10 (AXSA:2026-751:40)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-751:40 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-681...

CVE-2026-36615

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

PT-2026-45924

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

EUVD-2026-34152

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

PT-2026-46016

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistent ram save old persistent ram save old can be called multiple times for the same persistent ram zone e.g., via ramoops pstore read - ramoops get next prz for PSTORE TYPE DMESG records...

CVE-2026-36613

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

CVE-2026-36613

Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 is affected by a vulnerability where HTTP POST requests to undefined paths return 128 bytes of uninitialized internal buffer contents, exposing server state to unauthenticated adjacent network attackers. Affected component: the device’s HTT...

CVE-2026-36613

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

Linux Distros Unpatched Vulnerability : CVE-2026-50031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defin...

php: global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

A flaw was found in PHP. When an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, an out-of-bounds read of only 1 byte can occur due to the incorrect processing of string lengths. This issue can cause a denial of service or limited...

Important: Red Hat Security Advisory: php8.4 security update

An update for php8.4 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2026-9381

A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. The attack may be...

CVE-2026-10292

A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2021-4478 Dräger CC-Vision Basic and CC-Vision E-Cal Out-of-Bounds Write via Malicious GDT File

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...

CVE-2021-4478

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...