Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix a hang issue when the device state is set via sysfs This fix addresses a regression introduced in the commit: f0f82e2476f6 "scsi: core: Fix capacity setting to zero after offlineing the device". The problem...

CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

EUVD-2026-25362

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

PT-2026-35019

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

qualcomm_avb_exploit_poc

qualcommavbexploitpoc PoC for a Qualcomm ABL bootloader un...

CVE-2026-0653

On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration...

TP-Link Tapo C260 安全漏洞

The TP-Link Tapo C260 is a surveillance camera produced by the TP-Link company. The TP-Link Tapo C260 v1 version has a security vulnerability. This vulnerability arises from the fact that guest-level authenticated users can bypass access restrictions through specially crafted requests, potentiall...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27009)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27009 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition...

CVE-2025-11912

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

EUVD-2025-34932

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

CVE-2025-11912

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

CVE-2025-11912

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

CVE-2025-11912 Shenzhen Ruiming Technology Streamax Crocus DeviceState.do Query sql injection

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

Streamax Crocus SQL注入漏洞

Streamax Crocus is a system used by China Ruiming Streamax to reduce commercial vehicles to reduce traffic accidents and cargo loss. A SQL injection vulnerability exists in Streamax Crocus version 1.3.40, which stems from incorrect manipulation of the parameter orderField in the file...

EUVD-2024-37311

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper concurrency management, which could cause a device to enter an incorrect state...

Linux Distros Unpatched Vulnerability : CVE-2024-27063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: leds: trigger: netdev: Fix kernel panic on interface rename trig notify Commit d5e01266e7f5...

PT-2025-31067

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to VLAN 0 refcount management when toggling filtering during runtime with the "rx-vlan-filter" feature enabled. Specifically, a memory leak can...

Linux Distros Unpatched Vulnerability : CVE-2021-47192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added...