UBUNTU-CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

PT-2026-4981

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

dcap-qvl data falsification vulnerability

dcap-qvl is a confidential computing development library open source by Phala. Versions of dcap-qvl prior to 0.3.9 contained a data falsification vulnerability. This vulnerability stemmed from critical flaws in the encryption verification process, which could allow attackers to forge QE identity...

Azure Linux 3.0 Security Update: libtpms (CVE-2025-49133)

The version of libtpms installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49133 advisory. - Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qem...

Azure Linux 3.0 Security Update: samba (CVE-2021-3738)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3738 advisory. - In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a...

Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info

As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches...

Rethinking On-Device LLM Reasoning: Why Analogical Mapping Outperforms Abstract Thinking for IoT DDoS Detection

The rapid expansion of IoT deployments has intensified cybersecurity threats, notably Distributed Denial of Service DDoS attacks, characterized by increasingly sophisticated patterns. Leveraging Generative AI through On-Device Large Language Models ODLLMs provides a viable solution for real-time...

MiracleLinux 3 : vnc-4.1.2-9.6AXS3 (AXSA:2009-21:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-21:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running...

MiracleLinux 4 : trousers-0.3.13-2.AXS4 (AXSA:2014-608:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-608:01 advisory. Description : TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. You can use TrouSerS to write applications that...

SICK TDC-X401GL has security vulnerabilities

The SICK TDC-X401GL is a edge computing gateway developed by the German company SICK. The SICK TDC-X401GL has a security vulnerability, which stems from improper validation of login parameters. This vulnerability may allow attackers to redirect users to malicious websites after authentication...

SICK TDC-X401GL has security vulnerabilities

The SICK TDC-X401GL is a edge computing gateway from the German company SICK. The SICK TDC-X401GL has a security vulnerability, which stems from insufficient salt addition in the device’s password. This vulnerability may lead to password extraction attacks...

MiracleLinux 3 : vnc-4.1.2-14.1.0.1.AXS3 (AXSA:2010-240:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-240:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is runnin...

MiracleLinux 4 : tigervnc-1.0.90-0.15.20110314svn4359.AXS4.1 (AXSA:2011-641:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-641:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is runnin...

CVE-2021-0052

Incorrect default privileges in the IntelR Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access...

CVE-2007-4043

file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files...

CVE-2020-12308

Improper access control for the IntelR Computing Improvement Program before version 2.4.5982 may allow an unprivileged user to potentially enable information disclosure via network access...

CVE-2026-20026

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2024-41153

Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensive than what the wri...

CVE-2026-20027

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

CVE-2026-20027 Cisco Snort DCERPC Stub Data Out of Bounds Read

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...