Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmpnvmem: The driver no longer crashes after cleanup. The commit 29be47fcd6a0 “nvmem: zynqmpnvmem: zynqmpnvmemprobe cleanup“ changed the driver so that it expects the device pointer to be passed as a “context” parameter...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...

SUSE CVE-2026-31502

In the Linux kernel, the following vulnerability has been resolved: team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 "bonding: fix type confusion in bondsetupbyslave" team has the same class of headerops type confusion. For non-Ethernet ports,...

Linux Distros Unpatched Vulnerability : CVE-2026-31502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 bonding: fix type confusion in bondsetupbyslave team has the same clas...

CVE-2026-0795 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

EUVD-2024-22130

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-38301

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmpnvmem: unbreak driver after cleanup Commit 29be47fcd6a0 "nvmem: zynqmpnvmem: zynqmpnvmemprobe cleanup" changed the driver to expect the device pointer to be passed as the "context", but in nvmem the context parameter...

Autel MaxiCharger AC Wallbox Commercial 安全漏洞

Autel MaxiCharger AC Wallbox Commercial is a smart AI electric car charger from Autel USA. A code execution vulnerability exists in Autel MaxiCharger AC Wallbox Commercial, which can be exploited by an attacker to execute arbitrary code in the context of the device...

Microsoft Windows Device Context Improper Release Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 charging stations. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...

(Pwn2Own) Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP requests. The issue results from the lack of proper...

(Pwn2Own) Silicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP GET requests. The issue results from the lack of...

UBUNTU-CVE-2021-47212

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, which indicates that the driver started the destroy process. In this case, when a destroy command is being...

(Pwn2Own) Canon imageCLASS MF743Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Authorization header provided to the /mls/rls-login/bas...

(Pwn2Own) Lexmark MC3224i putinterval Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the PostScript putinterval command. The issue...

CVE-2022-34819

A vulnerability has been identified in SIMATIC CP 1242-7 V2 All versions = V2.0 = V2.0 = V2.0 = V2.0 = V2.0 V2.2.28, SIPLUS NET CP 1242-7 V2 All versions V3.3.46, SIPLUS NET CP 1543-1 All versions V3.0.22, SIPLUS S7-1200 CP 1243-1 All versions V3.3.46, SIPLUS S7-1200 CP 1243-1 RAIL All versions...

多款Siemens产品缓冲区错误漏洞

The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect SIMATIC S7-1200 controllers to a wide area network WAN. They provide integrated security features such as firewalls, virtual private networks VPNs, and support for other protocols with data encryption.The SIMATIC CP 1243-8 I...

Design/Logic Flaw

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...

(0Day) D-Link DAP-1330 HNAP checkValidRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the...

D-Link DAP-1860 Remote Code Execution Vulnerability (CNVD-2022-38538)

The D-Link DAP-1860 is a WiFi range extender from D-Link, a Taiwan-based company. The D-Link DAP-1860 is vulnerable to a remote code execution vulnerability that could be exploited by attackers to elevate privileges and execute code in the device context...