1247 matches found
UBUNTU-CVE-2026-26965
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...
CVE-2026-26965 FreeRDP has Out-of-bounds Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...
CVE-2026-26965
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...
Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection
Mixture-of-Experts MoE offers flexible graph reasoning by combining multiple views of a graph through a learned router. We investigate routing-aware explanations for MoE graph models in malware detection using control flow graphs CFGs. Our architecture builds diversity at two levels. At the node...
Aether Smart Contract Security Analysis Framework 4.7.1
Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...
CVE-2026-23128
A flaw was found in the Linux kernel on arm64 systems with Control Flow Integrity CFI enabled. During hibernate resume, the swsusparchresume function attempts to verify a CFI hash when calling swsusparchsuspendexit, which is marked as SYMCODE and lacks a CFI hash. This causes a data abort DABT an...
CVE-2026-23128
In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...
UBUNTU-CVE-2026-23128
In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...
CVE-2026-23128 arm64: Set __nocfi on swsusp_arch_resume()
In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...
CVE-2026-23128
CVE-2026-23128 affects the Linux kernel on ARM64, where the hibernation resume path swsusp_arch_resume() could trigger a Control-Flow Integrity (CFI) hash check mismatch during resume, leading to a DABT fault on Android-based devices. The root cause is that swsusp_arch_suspend_exit() is not accom...
CVE-2026-23128 arm64: Set __nocfi on swsusp_arch_resume()
In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...
Linux Distros Unpatched Vulnerability : CVE-2026-23128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the CFI check is not disabled for swsusparchresume in arm64, potentially leading to...
CVE-2025-58466
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...
CVE-2025-58466
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...
CVE-2025-58466 QTS, QuTS hero
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...
CVE-2025-58466
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...
CVE-2025-58466
CVE-2025-58466 affects QNAP QTS and QuTS hero: a use of uninitialized variable issue that can be exploited by an attacker with an administrator account to cause denial of service or alter control flow. Affected: QTS before 5.2.8.3332 build 20251128 and earlier; QuTS hero before h5.2.8.3321 build ...
PT-2026-7563
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.8.3332 build 20251128 QNAP QuTS hero versions prior to h5.2.8.3321 build 20251117 Description A use of uninitialized variable issue exists in QNAP operating systems. A remote attacker gaining administrator access...
QNAP Systems QTS和QNAP Systems QuTS hero 安全漏洞
QNAP Systems QTS and QNAP Systems QuTS Hero are both software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There were security vulnerabilities in versions of QNAP Systems QTS 5.2.8.3332 and QNAP Systems QuTS Hero h5.2.8.3321. The...