PT-2025-30267 · Recursor +1 · Recursor +1

Name of the Vulnerable Software and Affected Versions: versions prior to the updated version Description: An attacker spoofing responses to ECS-enabled requests sent by the Recursor may succeed. The updated version includes mitigations against spoofing attempts of ECS-enabled queries by chaining...

powerdns-recursor -- cache pollution

PowerDNS Team reports: An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and...

TOTOLINK T6 访问控制错误漏洞

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a lack of authentication vulnerability that stems from the setTelnetCfg function of the /cgi-bin/cstecgi.cgi file in the component...

USN-7443-3 erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authenticatio...

SUSE CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

DEBIAN-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

ALPINE-CVE-2025-5994

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...

GHSA-4Q2V-9P7V-3V22 Reactor Netty HTTP is vulnerable to credential leaks during chained redirects

In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects...

CVE-2025-52946 Junos OS and Junos OS Evolved: With traceoptions enabled, receipt of malformed AS PATH causes RPD crash

A Use After Free vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an attacker sending a BGP update with a specifically malformed AS PATH to cause rpd to crash, resulting in a Denial of Service DoS. Continuous receipt of the...

SUSE CVE-2025-38338

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfsreturnemptyfolio Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because foliounlock was called twice, and the second call wou...

UBUNTU-CVE-2025-38338

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfsreturnemptyfolio Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because foliounlock was called twice, and the second call wou...

CVE-2025-38296 ACPI: platform_profile: Avoid initializing on non-ACPI platforms

In the Linux kernel, the following vulnerability has been resolved: ACPI: platformprofile: Avoid initializing on non-ACPI platforms The platform profile driver is loaded even on platforms that do not have ACPI enabled. The initialization of the sysfs entries was recently moved from...

CVE-2025-52364

Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service telnetd by default at boot via the initialization script /etc/init.d/eth.sh. This allows remote attackers to connect to the device s shell over the network, potentially without authentication if...

UBUNTU-CVE-2025-38239

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraidsas: Fix invalid node index On a system with DRAM interleave enabled, out-of-bound access is detected: megaraidsas 0000:3f:00.0: requested/available msix 128/128 pollqueue 0 ------------ cut here ------------ UBSAN:...

CVE-2025-42968

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...

CVE-2025-42968 Missing Authorization check in SAP NetWeaver (RFC enabled function module)

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...

Materialise OrthoView 操作系统命令注入漏洞

Materialise OrthoView is an orthopedic planning solution from Materialise UK. An operating system command injection vulnerability exists in Materialise OrthoView 7.5.1 and earlier versions, which stems from vulnerability to OS command injection attacks when servlet sharing is enabled...

Arbitrary File Upload

Overview hipdevteam/bb-plugin is a Fork of BB Plugin Pro for use with composer Affected versions of this package are vulnerable to Arbitrary File Upload via the saveenabledicons function. An attacker can upload arbitrary files to the server by bypassing file type validation, which may allow...

DEBIAN-CVE-2022-50224

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...