26 matches found

SUSE CVE
added 5 days ago · 3 views

SUSE CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync. Add hci_conn_valid check in create_big_sync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in create_big_complete and re-validate...

7.8 CVSS · 5.8 AI score · 0.00012 EPSS
Exploits 0 · References 2
EUVD
added 6 days ago · 5 views

EUVD-2026-32870

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync. Add hci_conn_valid check in create_big_sync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in create_big_complete and re-validate...

5.8 AI score · 0.00012 EPSS
Exploits 0 · References 6
NVD
added 6 days ago · 4 views

CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync. Add hci_conn_valid check in create_big_sync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in create_big_complete and re-validate...

7.8 CVSS · 0.00012 EPSS
Exploits 0 · References 5
Cvelist
added 6 days ago · 22 views

CVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync. Add hci_conn_valid check in create_big_sync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in create_big_complete and re-validate...

7.8 CVSS · 0.00012 EPSS
Exploits 0 · References 5
CVE
added 6 days ago · 8 views

CVE-2026-46111

The CVE concerns a use-after-free in the Linux kernel Bluetooth stack (hci_conn, BIG creation). The patch adds hci_conn_valid() in create_big_sync() to detect stale connections before BIG creation, handles -ECANCELED in create_big_complete(), and re-validates under hci_dev_lock() before dereferen...

7.8 CVSS · 5.8 AI score · 0.00012 EPSS
Exploits 0 · References 5
Positive Technologies
added 6 days ago · 5 views

PT-2026-44234

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in create_big_sync. Add hci_conn_valid check in create_big_sync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in create_big_complete and...

5.8 AI score · 0.00012 EPSS
Exploits 0 · References 6
ATTACKERKB
added 2026/03/26 10:55 a.m. · 1 view

CVE-2026-24068

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...

8.8 CVSS · 5.9 AI score · 0.00021 EPSS
Exploits 1 · References 2 · Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2004-0892

Malware in sbrugna...

7.2 CVSS · 6.4 AI score · 0.0107 EPSS
Exploits 1 · References 9
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2022-39484

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.01851 EPSS
Exploits 0 · References 2
Redos
added 2025/09/04 12:00 a.m. · 2 views

ROS-20250904-05

A vulnerability in DNSdist, a DNS load balancer and proxy for DNS traffic, is related to insufficient checking of incoming TCP connections from the client. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS · 8.2 AI score · 0.00154 EPSS
Exploits 0
Vulnrichment
added 2025/06/02 4:48 p.m. · 37 views

CVE-2024-8008 Reflected Cross-Site Scripting (XSS) in Multiple WSO2 Products via JDBC User Store Connection Validation

A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...

5.2 CVSS · 5.2 AI score · 0.00079 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 10:41 p.m. · 8 views

CVE-2022-36784

Elsight – Elsight Halo Remote Code Execution (RCE). Elsight Halo web panel allows us to perform connection validation. Through the POST request /api/v1/nics/wifi/wlan0/ping we can abuse the DESTINATION parameter and leverage it for remote code execution...

9.8 CVSS · 8.3 AI score · 0.01851 EPSS
Exploits 0
GithubExploit
added 2024/12/17 9:07 p.m. · 512 views

Exploit for CVE-2024-55968

CVE-2024-55968 LPE Exploit POC for CVE-2024-55968 Vulnerab...

8.8 CVSS · 8.8 AI score · 0.10482 EPSS
Exploits 1
Cvelist
added 2024/03/15 5:08 p.m. · 17 views

CVE-2023-7007

Sciener server does not validate connection requests from the GatewayG2, allowing an impersonation attack that provides the attacker the unlockKey field...

6.8 AI score · 0.00079 EPSS
Exploits 0 · References 1
CNNVD
added 2024/03/15 12:00 a.m. · 1 view

Sciener server security vulnerability

Sciener is a smart lock firmware from Sciener. A security vulnerability exists in the Sciener server that stems from not validating connection requests from GatewayG2, which allows an attacker to obtain the unlockKey field via a simulated attack...

8.2 CVSS · 6.7 AI score · 0.00079 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/08/18 12:00 a.m. · 3 views

PT-2023-4686 · Apache · Apache Nifi

Name of the Vulnerable Software and Affected Versions: Apache NiFi versions 1.21.0 through 1.23.0. Description: The issue is related to insufficient comparison in the Apache NiFi data processing platform. An authenticated and authorized user can bypass connection URL validation using custom input...

6.8 CVSS · 6.3 AI score · 0.01261 EPSS
Exploits 0 · References 16
Veracode
added 2023/08/06 9:50 p.m. · 21 views

Use After Free

Chromium is vulnerable to Use After Free. The vulnerability exists due to a lack of validation of WebRTC connections over HTTPS, which can result in Denial of Service...

8.8 CVSS · 6.9 AI score · 0.00758 EPSS
Exploits 0 · References 9 · Affected Software 3
NVD
added 2022/11/17 11:15 p.m. · 10 views

CVE-2022-36784

Elsight – Elsight Halo Remote Code Execution (RCE). Elsight Halo web panel allows us to perform connection validation. Through the POST request /api/v1/nics/wifi/wlan0/ping we can abuse the DESTINATION parameter and leverage it for remote code execution...

9.8 CVSS · 0.01851 EPSS
Exploits 0 · References 1
Prion
added 2022/11/17 11:15 p.m. · 9 views

Remote code execution

Elsight – Elsight Halo Remote Code Execution (RCE). Elsight Halo web panel allows us to perform connection validation. Through the POST request /api/v1/nics/wifi/wlan0/ping we can abuse the DESTINATION parameter and leverage it for remote code execution...

7.5 CVSS · 9.8 AI score · 0.01851 EPSS
Exploits 0 · References 1
CNNVD
added 2021/04/05 12:00 a.m. · 1 view

Qualcomm chip security vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components, etc.), and is from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products that...

7.8 CVSS · 7.3 AI score · 0.00245 EPSS
Exploits 0 · References 4