1984 matches found
USN-8555-1: Ubuntu Advantage Tools (pro client) vulnerabilities
Bilal Teke discovered that Ubuntu Advantage Tools exposed the Pro bearer token in command-line arguments when validating APT credentials. A local attacker could possibly use this issue to obtain sensitive information and gain unauthorized access to Ubuntu Pro repositories. CVE-2026-9494 Frederick...
BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery
Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...
PT-2026-60460
Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An insecure symlink following issue exists within the pro collect-logs command framework. The utility uses predictable temporary file paths or user-accessible log directories to...
EUVD-2026-43297
Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...
CVE-2026-4769
Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...
CVE-2026-4769
The affected product family is WAGO System I/O Field series devices. The CVE describes an undocumented internal diagnostic capability that activates during the initial startup sequence and remains accessible without authentication for a brief window in the early boot phase. During this window, an...
CVE-2026-4769 Unauthenticated Access to Internal Diagnostic Interface
Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...
CVE-2026-27844
Uncaught Exception CWE-248 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior t...
CVE-2026-27844
Uncaught Exception CWE-248 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior t...
CVE-2026-27844
CVE-2026-27844 affects Command Centre Controller 6000/7000 diagnostic web interfaces. An uncaught exception (CWE-248) from specific requests by an authenticated and authorized operator can trigger a Controller restart, causing a temporary denial of service. Affected versions include 9.50 (prior t...
EUVD-2026-42002
Uncaught Exception CWE-248 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: 9.50 prior t...
DEBIAN-CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-53313
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
DEBIAN-CVE-2026-53313
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
UBUNTU-CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-53319 blk-wbt: remove WARN_ON_ONCE from wbt_init_enable_default()
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-53319
Mode C: Normal (details available) CVE-2026-53319 affects the Linux kernel block writeback throttling (blk-wbt) code. The issue arises in wbt_init_enable_default(), which previously used WARN_ON_ONCE to report failures from wbt_alloc() and wbt_init(). These failure paths are expected: wbt_alloc()...
CVE-2026-53313
CVE-2026-53313 is a Linux kernel vulnerability in the drm/amd/display path where NULL pointer dereference can occur in logging paths. Specifically, in dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(), code checked if (!dc_dmub_srv || !dc_dmub_srv->dmub) and then invoked DC...