30 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Fixed the recursive rtnl_lock call during the probe function. The deadlock occurs in a stack trace similar to this: virtnet_probe, rtnl_lock, virtio_config_changed_work, netdev_notify_peers, rtnl_lock. This issue arises when the VM...

CVSS 5.5, AI score 5.7, EPSS 0.00014
Exploits: 0, References: 2
ATTACKERKB
added 2026/04/20 3:18 a.m., 0 views

CVE-2026-32962

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication...

CVSS 6.9, AI score 5.7, EPSS 0.00089
Exploits: 0, References: 4, Affected Software: 2
SUSE CVE
added 2026/02/26 12:24 a.m., 1 views

SUSE CVE-2026-27589

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen 127.0.0.1:2019) exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled (enforce_origin not...

CVSS 8.2, AI score 5.8, EPSS 0.00027
Exploits: 1, References: 4
Tenable Nessus
added 2026/02/26 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen 127.0.0.1:2019) exposes a...

CVSS 8.2, AI score 5.8, EPSS 0.00027
Exploits: 1, References: 3
Snyk
added 2026/02/24 8:37 p.m., 1 views

Cross-site Request Forgery (CSRF)

Overview: Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the adminLoad.handleLoad process. An attacker can modify the running configuration and alter server behavior by sending cross-origin requests to the local admin API when origin enforcement is not...

CVSS 8.2, AI score 5.9, EPSS 0.00027
Exploits: 1, References: 2
ATTACKERKB
added 2026/02/24 4:30 p.m., 1 views

CVE-2026-27589

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen 127.0.0.1:2019) exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled (enforce_origin not...

CVSS 8.2, AI score 5.4, EPSS 0.00027
Exploits: 1, References: 5, Affected Software: 1
Vulnrichment
added 2026/02/24 4:30 p.m., 2 views

CVE-2026-27589 Caddy vulnerable to cross-origin config application via local admin API /load (caddy)

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen 127.0.0.1:2019) exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled (enforce_origin not...

CVSS 8.2, AI score 5.9, EPSS 0.00027
Exploits: 1, References: 4
Cvelist
added 2025/12/18 3:10 p.m., 19 views

CVE-2025-65007 Missing Authentication for Critical Function in WODESYS WD-R608U router

In the WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28), due to lack of authentication in the configuration change module in the adm.cgi endpoint, an unauthenticated attacker can execute commands including backup creation, device restart and resetting the device to factory settings. The...

CVSS 8.7, EPSS 0.00097
Exploits: 0, References: 3
Vulnrichment
added 2025/12/09 8:39 p.m., 3 views

CVE-2021-47709 COMMAX Smart Home Ruvie CCTV Bridge DVR Service Config Write / DoS

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

CVSS 8.7, AI score 6.6, EPSS 0.00173
Exploits: 0, References: 4
Vulnrichment
added 2025/12/02 12:57 p.m., 1 views

CVE-2025-11779 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

CVSS 9.4, AI score 6.9, EPSS 0.01242
Exploits: 0, References: 1
RedhatCVE
added 2025/12/01 5:26 p.m., 1 views

CVE-2025-61915

A flaw was found in cups. A user in group defined by SystemGroup directive in /etc/cups/cups-files.conf can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. Mitigation...

CVSS 6.7, AI score 6, EPSS 0.00048
Exploits: 1, References: 3
EUVD
added 2025/12/01 3:25 p.m., 1 views

EUVD-2025-200032

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVSS 7.5, AI score 6.6, EPSS 0.00108
Exploits: 0, References: 2
Tenable Nessus
added 2025/12/01 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-61915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can us...

CVSS 6.7, AI score 6.1, EPSS 0.00048
Exploits: 1, References: 3
OSV
added 2025/11/29 3:15 a.m., 0 views

ALPINE-CVE-2025-61915

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config a...

CVSS 6.7, AI score 5.8, EPSS 0.00048
Exploits: 1, References: 1
OSV
added 2025/11/11 5:18 a.m., 1 views

MAL-2025-96959 Malicious code in tense_cardinal_z3n (npm)

Source: amazon-inspector (e9f52c7c64462e166ac5263c43eca8d1f767dc58bb33e360b434a1084af9ee88). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2009-1229

Malware in sbrugna...

CVSS 6.5, AI score 6.4, EPSS 0.03071
Exploits: 1, References: 2
SUSE CVE
added 2025/08/16 11:22 p.m., 1 views

SUSE CVE-2025-38551

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe(). The deadlock appears in a stack trace like: virtnet_probe, rtnl_lock, virtio_config_changed_work, netdev_notify_peers, rtnl_lock. It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while...

CVSS 5.5, AI score 6.5, EPSS 0.00014
Exploits: 0, References: 7
NVD
added 2025/08/16 12:15 p.m., 2 views

CVE-2025-38551

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe(). The deadlock appears in a stack trace like: virtnet_probe, rtnl_lock, virtio_config_changed_work, netdev_notify_peers, rtnl_lock. It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while...

CVSS 5.5, EPSS 0.00014
Exploits: 0, References: 3
OSV
added 2025/08/16 12:15 p.m., 1 views

DEBIAN-CVE-2025-38551

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe(). The deadlock appears in a stack trace like: virtnet_probe, rtnl_lock, virtio_config_changed_work, netdev_notify_peers, rtnl_lock. It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while...

CVSS 5.5, AI score 5.3, EPSS 0.00014
Exploits: 0, References: 1
Cvelist
added 2025/08/16 11:34 a.m., 5 views

CVE-2025-38551 virtio-net: fix recursived rtnl_lock() during probe()

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe(). The deadlock appears in a stack trace like: virtnet_probe, rtnl_lock, virtio_config_changed_work, netdev_notify_peers, rtnl_lock. It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while...

EPSS 0.00014
Exploits: 0, References: 3