15 matches found
CVE-2023-53827
In the Linux kernel, CVE-2023-53827 affects Bluetooth L2CAP handling. The fix prevents use-after-free in l2cap_disconnect_{req,rsp} by using l2cap_chan_hold_unless_zero to avoid referencing a channel that is about to be destroyed. This addresses a vulnerability in the Bluetooth L2CAP code path; n...
CVE-2025-6515
The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is neither unique nor cryptographically secure. This allows network attackers with access to the oatpp-mcp server to guess future session IDs and hijack legitimate client MCP sessions, returning malicious responses...
EUVD-2019-10152
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986535 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow. By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases...
kernel: Bluetooth: L2CAP: Fix potential user-after-free
A use-after-free flaw was identified in the Linux kernel’s Bluetooth L2CAP implementation. In certain conditions, when allocating a socket buffer via alloc_skb, the kernel may release and later reacquire the channel lock; if the channel is disconnected in the meantime, a subsequent reference to th...
FC-Only Nimble Array Snapshot Failures in Veeam Backup & Replication P20230718
Challenge: When using Veeam Backup & Replication 12 P20230718, rescan, backup, and restore operations may fail when the Nimble array is configured to only use the Fibre Channel (FC) protocol. Error: "The request could not be understood by the server. Unexpected argument 'multiinitiator'." Solution: A private fix ...
kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
A use-after-free flaw was found in the Linux kernel’s L2CAP Bluetooth functionality, in which a user can trigger a race condition with two malicious flows in L2CAP Bluetooth packets. This flaw allows a local or Bluetooth connection user to crash the system or potentially escalate privileges...
kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
A use-after-free flaw was found in the Linux kernel’s L2CAP Bluetooth functionality, in which a user can trigger a race condition with two malicious flows in L2CAP Bluetooth packets. This flaw allows a local or Bluetooth connection user to crash the system or potentially escalate privileges...
OESA-2022-2147 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
DEBIAN-CVE-2018-7336
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer...
Tridium NiagaraAX Fox Channel Protocol Information Disclosure Vulnerability
Tridium NiagaraAX is a software framework and development environment. A security vulnerability in the Tridium NiagaraAX Fox channel protocol allows remote attackers to gain access to the protocol version, internal IP address, Niagara-AX application, and more...
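Microsoft Windows Remote Desktop Protocol (RDP) Remote Code Execution Vulnerability (MS12-020)
BUGTRAQ ID: 52353 CVE ID: CVE-2012-0002 The Remote Desktop Protocol (RDP) is a multi-channel protocol that lets a user (the client, or "local computer") connect to a computer providing Microsoft Terminal Services (the server, or "remote computer"). Windows contains an error in how it handles certain objects: specially crafted RDP packets can access uninitialized or already deleted objects, leading to arbitrary code execution and then control of the system. Microsoft Windows XP Professional, Microsoft Windows XP Home, Microsoft Windows Server...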
CVE-2007-6216
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs...
CVE-2007-6216
CVE-2007-6216 concerns a race condition in the Fibre Channel protocol (fcp) driver and the Solaris 10 devfs. Connected sources (Tenable Nessus patches 128491-01 for SPARC and 128492-01 for x86) indicate a patch-based remediation: install Solaris patch 128491-01 (SPARC) or 128492-01 (x86) to addre...
CVE-2007-6216
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs...