Astra Linux - Vulnerability in Golang-1.19

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Moreover, the error string is created through repeated string concatenation, resulting in quadratic runtime. Therefore, a certificate provided by a malicious actor can...

Mikrotik RouterOS 缓冲区错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. Version 6.49.8 of Mikrotik RouterOS contains a buffer error vulnerability. This vulnerability stems from the ASN1STRINGdata function in the nova/lib/www/scep.p library, which processes paramete...

Linux Distros Unpatched Vulnerability : CVE-2026-31698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the...

Linux Distros Unpatched Vulnerability : CVE-2026-43038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its ...

Linux Distros Unpatched Vulnerability : CVE-2026-31748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to...

Linux Distros Unpatched Vulnerability : CVE-2026-31754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: fix state inconsistency on gadget init failure When cdns3gadgetstart fails, the DRD hardware is left in gadget mode while software state...

Linux Distros Unpatched Vulnerability : CVE-2026-31719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own...

CVE-2026-31783

A flaw was found in the Linux kernel's spi: amlogic: spifc-a4 module. The on-host NAND Error-Correcting Code ECC engine was not properly unregistered when the probe failed or during device removal. This missing cleanup could lead to resource leaks, potentially causing system instability or a deni...

CVE-2026-31730

A flaw was found in the Linux kernel's fastrpc component that could lead to a denial of service DoS or potentially arbitrary code execution. This memory corruption vulnerability, specifically a double-free, occurs when the cctx-remoteheap memory is freed twice due to an error handling issue in th...

CVE-2026-43055

A flaw was found in the Linux kernel's SCSI target file module. When a write command is executed, the aiocmd-iocb for the kiwritestream is not initialized. This can lead to an incorrect kiwritestream value, causing unintended write failures in the block device. This vulnerability can result in a...

CLSA-2026-1777660524 python3.11: Fix of CVE-2026-6100

CVE-2026-6100 fix use-after-free in lzma/bz2 decompressor by clearing the dangling nextin pointer after MemoryError so a re-used decompressor cannot read or write through a stale buffer pointer...

CVE-2025-69606

Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

CVE-2026-43034

A flaw was found in the bnxten driver within the Linux kernel. This vulnerability arises from the bnxthwrmfuncbackingstoreqcapsv2 function using an incorrect type value from the firmware response to index internal data arrays. This improper indexing could lead to memory corruption, potentially...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the RWStlReader::ReadAscii process when buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before being used in strncasecmp or accessed directly. An attacker can cause denial of...

CVE-2026-37535

openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...

CVE-2026-43045

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshvregionpin The current error handling has two issues: First, pinuserpagesfast can return a short pin count less than requested but greater than zero when it cannot pin all requested pages. This is...

CVE-2026-43038

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...

CVE-2026-43022

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...

CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...