70 matches found
ipmi: Check event message buffer response for bad data
...
CVE-2026-46128
The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...
EUVD-2026-32887
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
CLSA-2026-1777663444 freerdp: Fix of 3 CVEs
CVE-2026-33985: fix information leak in ClearCodec glyph index decode; validate nWidthnHeight for overflow and update glyphEntry-count only after a successful realloc so subsequent reads cannot expose adjacent heap memory - CVE-2022-39283: fix missing length check in /video channel data handler;...
GHSA-6CHQ-WFR3-2HJ9 Axios: Header Injection via Prototype Pollution
Summary A prototype pollution gadget exists in the Axios HTTP adapter lib/adapters/http.js that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: kcm: fixed the order of calls to strpinit and cleanup. strpinit is called just a few lines above this csk-skuserdata check. It also initializes strp-work, etc. Therefore, there’s no need to call strpdone to cancel the newly...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...
SUSE CVE-2026-27840
ZITADEL is an open source identity management platform. Starting in version 2.31.0 and prior to versions 3.4.7 and 4.11.0, opaque OIDC access tokens in the v2 format truncated to 80 characters are still considered valid. Zitadel uses a symmetric AES encryption for opaque tokens. The cleartext...
CVE-2026-1336
The CVE-2026-1336 entry concerns the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin. It is vulnerable to unauthorized access and data modification due to missing capability checks in store_data() and get_chatgpt_api_key() for versions up to 2.7.5. Unauthenticated attackers ...
EUVD-2026-8789
ZITADEL's truncated opaque tokens are still valid...
ROS-20260112-7341
A vulnerability in the xfsdir3datacheck function fs/xfs/libxfs/xfsdir2data.c of the Linux operating system kernel is related to reading data beyond buffer boundaries in memory. Exploitation of the vulnerability allows an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992435)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992435 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismtaccess When the driver does not check the data from th...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989864 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at t...
EUVD-2021-17212
Malware in sbrugna...
EUVD-2019-5295
Malware in sbrugna...
EUVD-2018-17647
Malware in sbrugna...
EUVD-2020-3589
Malware in sbrugna...
EUVD-2020-24919
Malware in sbrugna...
EUVD-2020-3469
Malware in sbrugna...
EUVD-2019-2117
Malware in sbrugna...