Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpiolib: fixed a race condition related to gdev-srcu If two drivers call gpiochipadddatawithkey, one might traverse the srcu-protected list in gpionametodesc, while the other just adds its gdev in gpiodevaddtolistunlocked. Thi...

SUSE CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

CVE-2025-64325

Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send an authentication request with a manipulated X-Emby-Client value, which gets added to the devices section of the admin dashboard without sanitization. This issue has...

Linux Distros Unpatched Vulnerability : CVE-2025-38175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binderdevices Commit e77aff5528a18 binderfs: fix use-after-fr...

UBUNTU-CVE-2025-38175

In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binderdevices Commit e77aff5528a18 "binderfs: fix use-after-free in binderdevices" addressed a use-after-free where devices could be released without first being removed from the binderdevices list...

CVE-2025-31941 Growatt Cloud portal Authorization Bypass Through User-Controlled Key

An unauthenticated attacker can obtain a list of smart devices by knowing a valid username...

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and earlier, which originates from an unauthenticated attacker being able to obtain a list of smart devices via an unprotected API...

PT-2024-22213

Name of the Vulnerable Software and Affected Versions NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX-MS, WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP...

CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and iPadOS, which arises from an application's ability to access iOS backups...

CVE-2021-38534

Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42...

CVE-2020-29061

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices...

CVE-2020-13914

webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service Segmentation fault to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300,...

CVE-2017-18862

Certain NETGEAR devices are affected by authentication bypass. This affects JGS516PE before 2017-05-11, JGS524Ev2 before 2017-05-11, JGS524PE before 2017-05-11, GS105Ev2 before 2017-05-11, GS105PE before 2017-05-11, GS108Ev3 before 2017-05-11, GS108PEv3 before 2017-05-11, GS116Ev2 before...

CVE-2020-11775

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30,...

PT-2018-1294 · Schneider Electric · Modicon M340 +3

Name of the Vulnerable Software and Affected Versions: Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers affected versions not specified Description: The issue is related to hard-coded accounts in the communication modules of the affected controllers...