
440 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048 – Fixed integer overflow. state->xtal_hz can be up to 16M; when multiplied by pll_mfactor, it may cause an integer overflow. A new 64-bit variable was created to store the calculations...

CVSS 5.5 | AI score 6.2 | EPSS 0.00027
Exploits: 0 | References: 2
EUVD
added 2026/02/27 3:30 a.m. | 2 views

EUVD-2026-8976

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by configuring a maliciously crafted LCD state which is later processed during system setup, enabling remote code execution...

CVSS 8.8 | AI score 6.5 | EPSS 0.00043
Exploits: 0 | References: 4
OSV
added 2026/02/19 7:17 a.m. | 2 views

CVE-2026-2704

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the...

CVSS 8.1 | AI score 5.3
Exploits: 0 | References: 7
Cvelist
added 2026/02/18 9:54 p.m. | 20 views

CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

CVSS 8.7 | EPSS 0.00649
Exploits: 0 | References: 4
Vulnrichment
added 2026/02/18 9:54 p.m. | 2 views

CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

CVSS 8.7 | AI score 5.6 | EPSS 0.00649
Exploits: 0 | References: 4
CNNVD
added 2026/02/18 12:0 a.m. | 3 views

Crystal Live HTTP Server path traversal vulnerability

Crystal Live HTTP Server is a local static web server software developed by the Crystal company. Version 6.01 of Crystal Live HTTP Server contains a path traversal vulnerability. This vulnerability allows remote attackers to access system files by manipulating URL path segments, potentially leadi...

CVSS 8.7 | AI score 7.4 | EPSS 0.00649
Exploits: 0 | References: 5
Positive Technologies
added 2026/02/18 12:0 a.m. | 3 views

PT-2026-20527

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

CVSS 8.7 | AI score 5.6 | EPSS 0.00649
Exploits: 0 | References: 5
EUVD
added 2026/01/31 12:30 a.m. | 3 views

EUVD-2020-30926

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...

CVSS 9.8 | AI score 5.9 | EPSS 0.00024
Exploits: 0 | References: 4
Vulnrichment
added 2026/01/30 10:7 p.m. | 2 views

CVE-2020-37056 Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...

CVSS 9.8 | AI score 5.4 | EPSS 0.00024
Exploits: 0 | References: 3
Cvelist
added 2026/01/30 10:7 p.m. | 20 views

CVE-2020-37056 Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...

CVSS 9.8 | EPSS 0.00024
Exploits: 0 | References: 3
CVE
added 2026/01/30 10:7 p.m. | 6 views

CVE-2020-37056

The CVE-2020-37056 entry concerns Crystal Shard http-protection 0.2.0, where an IP-spoofing flaw allows bypass of protection middleware by crafting headers. Specifically, attackers can set consistent values in X-Forwarded-For, X-Client-IP, and X-Real-IP to defeat checks and gain unauthorized acce...

CVSS 9.8 | AI score 5.9 | EPSS 0.00024
Exploits: 0 | References: 3
ATTACKERKB
added 2026/01/30 10:7 p.m. | 5 views

CVE-2020-37056

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...

CVSS 9.8 | AI score 5.9 | EPSS 0.00024
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2026/01/30 12:0 a.m. | 4 views

PT-2026-5492

Name of the Vulnerable Software and Affected Versions: Crystal Shard http-protection version 0.2.0. Description: The software contains an IP spoofing issue that allows attackers to bypass protection middleware. This is achieved by manipulating request headers to hardcode consistent IP values across...

CVSS 9.8 | AI score 5.3 | EPSS 0.00024
Exploits: 0 | References: 5
EUVD
added 2025/12/30 3:30 p.m. | 1 view

EUVD-2022-55868

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove. hd44780_probe allocates a memory chunk for hd with kzalloc and makes "lcd->drvdata->hd44780" point to it. When we call hd44780_remove, we should release all relevant...

AI score 5.9 | EPSS 0.00021
Exploits: 0 | References: 5
Tenable Nessus
added 2025/11/18 12:0 a.m. | 2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42223)

media: dvb-frontends: tda10048: integer overflow. state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. ...

CVSS 5.5 | AI score 6.8 | EPSS 0.00027
Exploits: 0 | References: 4
Vulnrichment
added 2025/11/17 12:0 a.m. | 1 view

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

AI score 7 | EPSS 0.00008
Exploits: 1 | References: 2
Microsoft CVE
added 2025/10/29 1:1 a.m. | 1 view

fbdev: omap: use threaded IRQ for LCD DMA

...

CVSS 5.5 | AI score 8.8 | EPSS 0.00013
Exploits: 0
Schneier on Security
added 2025/10/08 4:10 p.m. | 2 views

Flok License Plate Surveillance

The company Flok is surveilling us as we drive: A retired veteran named Lee Schmidt wanted to know how often Norfolk, Virginia's 176 Flock Safety automated license-plate-reader cameras were tracking him. The answer, according to a U.S. District Court lawsuit filed in September, was more than four...

AI score 6.9
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2009-3327

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.00427
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2011-4723

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.00285
Exploits: 1 | References: 5