Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: macvlan: The forgotten nlapolicy has been added for IFLAMACVLANBCCUTOFF. The previous commit 954d1fa1ac93, titled “macvlan: Add netlink attribute for broadcast cutoff”, added an additional attribute named IFLAMACVLANBCCUTOFF to...

EUVD-2025-31879

Malicious code in bioql PyPI...

EUVD-2025-25908

Malicious code in bioql PyPI...

SUSE CVE-2023-53516

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLAMACVLANBCCUTOFF to allow broadcast cutfoff...

UBUNTU-CVE-2023-53516

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLAMACVLANBCCUTOFF to allow broadcast cutfoff...

CVE-2023-53516 macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLAMACVLANBCCUTOFF to allow broadcast cutfoff...

CVE-2023-53516

The CVE-2023-53516 entry corresponds to a Linux kernel macvlan netlink policy issue. A new attribute IFLA_MACVLAN_BC_CUTOFF was added, but the nla_policy in macvlan_policy (drivers/net/macvlan.c) was not described, allowing a 4-byte integer (NLA_S32) to be faked as empty and potentially cause an ...

CVE-2023-53516 macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLAMACVLANBCCUTOFF to allow broadcast cutfoff...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing nlapolicy description for the IFLAMACVLANBCCUTOFF attribute, which could lead to a heap...

CVE-2025-50983

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlma...

CVE-2025-50983

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlma...

CVE-2025-50983

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlma...

CVE-2025-50983

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlma...

readarr 安全漏洞

Readarr is an open source eBook library management system from Readarr. A security vulnerability exists in readarr version 0.4.15.2787, which stems from improper cleanup of the sortKey parameter in the GET /api/v1/wanted/cutoff API endpoint, which could lead to an SQL injection attack...

CVE-2025-50983

Readarr 0.4.15.2787 exposes a SQL Injection in the sortKey parameter of GET /api/v1/wanted/cutoff. The endpoint fails to sanitize user input, enabling arbitrary SQL execution against the backend SQLite DB. Exploitation was confirmed with sqlmap via stacked queries; a heavy query using SQLite RAND...

Suricata 安全漏洞

Suricata is a suite of network Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, and network security monitoring engines developed by the Open Information Security Foundation OISF and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...

CVE-2024-33844

CVE-2024-33844 affects Parrot ANAFI USA firmware 1.10.4, where the MAV_MISSION_TYPE values (0, 1, 2, 255) are not validated in the MAVLink MISSION_COUNT path. This allows an attacker to sever the link between controller and drone by sending a malformed MISSION_COUNT, potentially causing a denial ...

PT-2025-40223

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's macvlan implementation due to a missing netlink attribute policy for IFLA MACVLAN BC CUTOFF. A malicious user could potentially exploit this by...

Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only

Twitter has announced that it's limiting the use of SMS-based two-factor authentication 2FA to its Blue subscribers. "While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors," the company said. "We will no longer allow...

CVE-2022-25152

The ITarian platform SAAS / on-premise offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor with a...