19 matches found
Masjesu Rising: The Commercial IoT Botnet Built for Stealth, DDoS, and IoT Evasion
By Mohideen Abdul Khader F · April 7, 2026. Botnet overview: The Masjesu botnet, a sophisticated, commercially-run Internet of Things (IoT) threat, has been operational and evolving since early 2023, continuing into...
SUSE CVE-2019-8400
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inconsistent simultaneous connection fallbacks, which may lead to a race condition...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper detection of BPF protocol fallbacks, which could lead to abnormal protocol stack handling...
SUSE CVE-2025-47278
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
DEBIAN-CVE-2025-47278
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
AZL-77828 CVE-2025-47278 affecting package python-flask 1.1.1-4
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
UBUNTU-CVE-2025-47278
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
PT-2025-20926 · Flask +1 · Flask +1
Name of the Vulnerable Software and Affected Versions: Flask versions 3.1.0. Description: The issue arises from the incorrect handling of fallback key configuration in Flask, where the last fallback key is used for signing instead of the current signing key. This is due to Flask constructing the...
CVE-2021-47131 net/tls: Fix use-after-free after the TLS device goes down and up
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up. When a netdev with active TLS offload goes down, tls_device_down is called to stop the offload and tear down the TLS context. However, the socket stays alive, and it...
aiohttp Security Vulnerabilities
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python. A security vulnerability exists in aiohttp versions prior to 3.8.6, which stems from an inconsistent interpretation of Content-Length and Transfer-Encoding in C and Python fallbacks, and can be exploited ...
[SECURITY] Fedora 36 Update: golang-github-hexdigest-gowrap-1.1.12-5.fc36
GoWrap is a command line tool that generates decorators for Go interface types using simple templates. With GoWrap you can easily add metrics, tracing, fallbacks, pools, and many other features into your existing code in a few seconds...
Hydra has Reflected XSS via error_hint parameter
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter...
glibc security update
2.28-164.0.1 - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for...
PT-2024-11181 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free vulnerability has been resolved in the Linux kernel. The issue occurs when a netdev with active TLS offload goes down, and the TLS context is deallocated, but the sock...
CVE-2019-8400
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter...
CVE-2019-8400
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter...
CVE-2019-8400
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter...
PT-2019-19013
Name of the Vulnerable Software and Affected Versions: ORY Hydra versions prior to v1.0.0-rc.3+oryOS.9. Description: The issue concerns a Reflected XSS that can be triggered via the oauth2/fallbacks/error endpoint, specifically through the error hint parameter. Recommendations: For versions prior to...