40 matches found
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: Device name buffers passed to the device replace function are properly validated for string termination. This issue could lead to an out-of-bounds read in the getname_kernel function. A helper function has been...
Azure Linux 3.0 Security Update: kernel (CVE-2024-39496)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39496 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free due to...
TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service
Overview: A flaw in the firmware-upload error-handling logic of the TOTOLINK EX200 extender can cause the device to unintentionally start an unauthenticated root-level telnet service. This condition may allow a remote authenticated attacker to gain full system access. Description: In the End-of-Lif...
CVE-2023-54180
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON in btrfs_repair_io_failure (originally repair_io_failure in v6.0 kernel) got triggered when replacing an unreliable disk: BTRFS warning device...
CVE-2023-54180
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON in btrfs_repair_io_failure (originally repair_io_failure in v6.0 kernel) got triggered when replacing an unreliable disk: BTRFS warning device...
CVE-2023-54180
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON in btrfs_repair_io_failure (originally repair_io_failure in v6.0 kernel) got triggered when replacing an unreliable disk: BTRFS warning device...
CVE-2023-54180
CVE-2023-54180 concerns the Linux kernel Btrfs repair flow when a dev-replace operation is in progress. The root cause is a BUG_ON() in btrfs_repair_io_failure() triggered while repairing a degraded/replace target device, due to mirror_num handling in btrfs_map_block() and possible manipulation o...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper handling of fixes by btrfs during device replacement, which could lead to null pointer...
CVE-2025-10910 Gaining remote control over Govee devices
A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bind an existing, online Govee device to the attacker’s account, resulting in full control of the device and removal of the device from its legitimate owner’s account. The server‑side API allows device...
EUVD-2025-19048
Malicious code in bioql PyPI...
CVE-2025-6559
Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...
CVE-2025-6560
Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. The affected models are out of support; replacing the devic...
CVE-2025-6560
Multiple wireless router models from Sapido have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. The affected models are out of support; replacing the devic...
CVE-2025-6560
CVE-2025-6560: Sapido wireless routers expose a sensitive information flaw. Unauthenticated remote attackers can access a system configuration file and retrieve plaintext administrator credentials. Public writeups across multiple sources corroborate that affected Sapido models are out of support;...
CVE-2025-6559
The CVE-2025-6559 entry pertains to Sapido wireless routers with an OS command injection vulnerability. Affected models include BR071n, BR261c, BR270n, BR476n, BRC70n, BRC70x, BRC76n, BRD70n, BRE70n, BRE71n, BRF61c, and BRF71n. Root cause: improper neutralization of special elements in OS command...
CVE-2025-6559 Sapido Wireless Router - OS Command Injection
Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...
PT-2025-26685 · Sapido · Sapido Wireless Router
Name of the Vulnerable Software and Affected Versions: Sapido Wireless Router (affected versions not specified). Description: The issue allows unauthenticated remote attackers to directly access a system configuration file and obtain plaintext administrator credentials. The affected models are out o...
SUSE CVE-2025-37843
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pci_lock_rescan_remove, then...
DEBIAN-CVE-2025-37843
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pci_lock_rescan_remove, then...
UBUNTU-CVE-2025-37843
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pci_lock_rescan_remove, then...