CVE-2025-47332

Memory corruption while processing a config call from userspace...

PT-2026-1872

Name of the Vulnerable Software and Affected Versions GL.Inet GL.Inet AX1800 versions 4.6.4 and 4.6.8 Description An issue exists in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call within the GL.Inet AX1800. The script operates with root privileges when activated through...

CVE-2025-67091

CVE-2025-67091 affects GL.iNet AX1800 firmware versions 4.6.4 and 4.6.8 . The issue lies in the GL.iNet custom opkg wrapper script at /usr/libexec/opkg-call , which runs with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. Vulnerable code u...

GL-Inet GL-AXT1800 安全漏洞

The GL-Inet GL-AXT1800 is a WiFi6 wireless router from GL-Inet China. A security vulnerability exists in the GL-Inet GL-AXT1800 v4.6.8, which stems from improper input cleanup of the plugins.installpackage RPC method, which could lead to the execution of arbitrary commands...

CVE-2025-69255

CVE-2025-69255 affects RustFS, a Rust-based distributed object storage system. The vulnerability lies in the gRPC metrics endpoint GetMetrics handler: deserialization of metric_type/opts can panic when a malformed request is received, causing remote denial of service of the metrics service. Affec...

CVE-2026-20026

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2026-20027

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2026-20026 Multiple Cisco Products Snort 3 DCERPC Vulnerabilities

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2026-20027 Cisco Snort DCERPC Stub Data Out of Bounds Read

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2026-20027 Cisco Snort DCERPC Stub Data Out of Bounds Read

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the processing of Distributed Computing Environment Remote Procedure Call DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, which would...

CVE-2025-47332

Memory corruption while processing a config call from userspace...

CVE-2025-0980

Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials...

CVE-1999-0747

Denial of service in BSDi Symmetric Multiprocessing SMP when an fstat call is made when the system has a high CPU load...

CVE-2019-16676

Plataformatec Simple Form has Incorrect Access Control in filemethod? in lib/simpleform/formbuilder.rb, because a user-supplied string is invoked as a method call...

CVE-2025-14901 Bit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay

The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only...

PT-2026-2046

Name of the Vulnerable Software and Affected Versions Cisco Snort affected versions not specified Description A flaw exists in the processing of DCE/RPC requests that may allow a remote, unauthenticated attacker to cause the Snort 3 Detection Engine to leak sensitive information or restart, leadi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000274 advisory. In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service TM Bad Thing...

rustfs 安全漏洞

rustfs is a high-performance object storage system from the RustFS open source. A security vulnerability exists in rustfs versions 1.0.0-alpha.13 through 1.0.0-alpha.77, which stems from a deserialization failure when processing a malformed gRPC GetMetrics request, which could lead to a remote...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000458 advisory. A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and...