Linux Distros Unpatched Vulnerability : CVE-2026-31649

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: stmmac: fix integer underflow in chain mode The jumbofrm chain-mode implementation unconditionally computes len = nopagedlen - bmax; where nopagedlen =...

MiracleLinux 3 : samba-3.0.33-3.40.0.1.AXS3 (AXSA:2014-583:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-583:01 advisory. Description : Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of...

CVE-2025-58899

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Frame frame allows PHP Local File Inclusion.This issue affects Frame: from n/a through = 2.4.0...

PT-2025-52072

Name of the Vulnerable Software and Affected Versions AncoraThemes Frame versions through 2.4.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of...

EUVD-2020-17645

Malware in sbrugna...

EUVD-2009-4504

Malware in sbrugna...

EUVD-2022-28193

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-26142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abus...

CVE-2025-21454

Transient DOS while processing received beacon frame...

CVE-2020-24944

picoquic before 3rd of July 2020 allows attackers to cause a denial of service infinite loop via a crafted QUIC frame, related to the picoquicdecodeframes and picoquicdecodestreamframe functions and epoch==3...

CVE-1999-0488

Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

CVE-2024-47257

Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software...

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame...

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame...

The vulnerability of the `apedecode_frame` function in the `libavcodec/apedec.c` file of the FFmpeg multimedia library involves reading data beyond the allowed buffer limits. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the apedecodeframe function in the libavcodec/apedec.c file of the FFmpeg multimedia library relates to reading data from buffers beyond their acceptable limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity,...

Important: nodejs

Issue Overview: An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the...

CVE-2023-24821 RIOT-OS vulnerable to Integer Underflow during defragmentation

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write wil...

CVE-2023-1811

Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

K32888092: Linux Kernel vulnerability CVE-2019-13648

Security Advisory Description In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service TM Bad Thing exception and system crash via a sigreturn system call that sends a crafted signal frame. This affects...