EUVD-2026-35160

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

PT-2026-36973

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git operation of the file src/code mcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection. The attac...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper copying of memory by the UFXIOCTLREPORTDAMAGE ioctl function. This vulnerability may...

SUSE CVE-2023-54281

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfsiget to get an inode reference while we are holding on a root's btree. If btrfsiget needs to lookup the...

SUSE CVE-2017-7346

The vmwgbsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service system hang via a crafted ioctl call for a /dev/dri/renderD device...

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the H.264 decoder in the libstagefright library of the Android operating system exists due to incorrect processing of the Memory Management Control Operation MMCO data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

CVE-2016-0842

The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation MMCO data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25818142...

CVE-2016-0842

The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation MMCO data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25818142...

CVE-2016-0842

The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation MMCO data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25818142...

CVE-2016-0842

The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation MMCO data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25818142...

Researcher Finds Twitter Botnet Command Channel

Arbor Networks security researcher Jose Nazario has stumbled upon a crimeware botnet using Twitter as its command-and-control operation. The botnet, which is linked to identity thieves in Brazil, uses Twitter status messages to communicate with bots — sending new links for the infected computers ...