Astra Linux - уязвимость в zabbix

Setting the SMS media allows for setting the GSM modem file. This file is later used as a Linux device. But since everything is a file for Linux, it’s possible to set another file, such as a log file. In this case, Zabbixserver will attempt to communicate with it as a modem. As a result, the log...

UBUNTU-CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

CVE-2026-44919

In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL...

Astra Linux - уязвимость в qemu

A flaw was discovered in the implementation of the 9p passthrough filesystem 9pfs in QEMU. The 9pfs server did not prevent the opening of special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared...

PT-2026-36343

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the FUSE Filesystem in Userspace component where the filesystem creation process can hang if the server exits due to an error or crash while processing FUSE INIT during...

CVE-2026-22318

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

EUVD-2026-12787

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

CVE-2026-22319

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack...

PT-2026-26034

A stack-based buffer overflow vulnerability in the device's file transfer parameter workflow allows a high-privileged attacker to send oversized POST parameters, causing memory corruption in an internal process, resulting in a DoS attack...

PT-2026-26035

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack...

JD Cloud AX6600 安全漏洞

JD Cloud AX6600 is an edge computing router developed by JD.com, a Chinese company. Versions of JD Cloud AX6600 such as 4.5.1.r4533 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the functions setstcreenendeabledstatus and getstatus in the...

CVE-2022-50950 Webile 1.0.1 Directory Traversal Vulnerability via Web Application

Webile 1.0.1 contains a directory traversal vulnerability that allows remote attackers to manipulate file system paths without authentication. Attackers can exploit path manipulation to access sensitive system directories and potentially compromise the mobile device's local file system...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000554 advisory. The kvmapichasevents function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service NULL pointer dereference and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004426 advisory. There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001017 advisory. arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001783 advisory. The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of servic...

CVE-2025-11914

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this issue is the function Download of the file /DeviceFileReport.do?Action=Download. Performing manipulation of the argument FilePath results in path traversal. The attack may be initiated remotely. The...

Streamax Crocus 路径遍历漏洞

Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A path traversal vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter FilePath in the file...

EUVD-2014-3024

Malware in sbrugna...

EUVD-2007-5175

Malware in sbrugna...