Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: added a range check for connrspepid in htcconnectservice. I have identified the following bugs in my fuzzer: UBSAN: Array index out of bounds in drivers/net/wireless/ath/ath9k/htchst.c:26:51 Index 255 is out of range...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003790 advisory. Memory leaks in drivers/net/wireless/ath/ath9k/htchst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53156)

wifi: ath9k: add range check for connrspepid in htcconnectservice. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504632; scriptversion"1.3";...

EUVD-2014-9064

Malware in sbrugna...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-386613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386613 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for connrspepid in htcconnectservice I found the following bug in my...

EUVD-2024-54694

Malicious code in bioql PyPI...

CVE-2024-45347 Mi Connect Service APP protocol flaws lead to unauthorized access

An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to Unauthorized access to the victim’s device...

CVE-2024-45347

CVE-2024-45347 affects Xiaomi Mi Connect Service App. Multiple connected sources indicate the root cause is flawed validation in the authentication/authorization flow, enabling unauthorized access to a victim’s device. CVSS 3.1 base score 9.6 (Adjac ent attack, no user interaction, high impact on...

Xiaomi Mi Connect Service APP 授权问题漏洞

Xiaomi Mi Connect Service APP is an application from China's Xiaomi Xiaomi that is used to enable connectivity and interaction between Xiaomi devices, which helps users to quickly connect and manage a variety of Xiaomi smart devices to enable data transfer and collaborative work between devices. ...

PT-2025-26583 · Xiaomi · Xiaomi Mi Connect Service App

Name of the Vulnerable Software and Affected Versions: Xiaomi Mi Connect Service APP affected versions not specified Description: An unauthorized access issue exists due to flawed validation logic in the Xiaomi Mi Connect Service APP, allowing attackers to gain unauthorized access to devices...

Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504...

CVE-2014-9239

SQL injection vulnerability in the IPS Connect service interface/ipsconnect/ipsconnect.php in Invision Power Board aka IPB or IP.Board 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id parameter...

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes one issue. The following security issue was fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122234 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-50115: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory bsc1233019. Patch...

CVE-2024-45361

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information...

CVE-2024-45361

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information...

CVE-2024-45361

The CVE-2024-45361 entry refers to a protocol flaw in Xiaomi Mi Connect Service APP where the validation logic is flawed, enabling leakage of sensitive user information. Affected software: Xiaomi Mi Connect Service APP. Root cause: flawed validation logic. Impact: potential disclosure of sensitiv...

CVE-2024-45361 Mi Connect Service APP protocol flaws lead to leaking sensitive user information

A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information...