Linux Distros Unpatched Vulnerability : CVE-2025-71127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmmac – Fix for crashes occurring when sending Action Frames in standalone AP Mode Currently, whenever an Action Frame needs to be transmitted, the brcmmac driver always uses the P2P vif to send the “actframe” IOVAR to th...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The sun4iCan driver’s ndochangemtu function needs to be updated to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ice: fixed the Rx page leak in multi-buffer frames. The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice...

libsoup 安全漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from improper handling of WebSocket frames, and may result in out-of-bounds memory reads, causing a memory leak or crash...

MiracleLinux 8 : firefox-128.10.0-1.el8_10.ML.1 (AXSA:2025-9933:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9933:13 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...

MiracleLinux 9 : thunderbird-128.10.0-1.el9_5.ML.1 (AXSA:2025-9936:10)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9936:10 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...

MiracleLinux 8 : thunderbird-128.10.0-1.el8_10.ML.1 (AXSA:2025-9937:11)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9937:11 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...

CVE-2026-22214

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...

CVE-2026-22214

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...

PT-2026-2323

Name of the Vulnerable Software and Affected Versions RIOT OS versions up to and including 2026.01-devel-317 Description RIOT OS versions up to and including 2026.01-devel-317 have a stack-based buffer overflow issue in the ethos utility. This is due to a lack of bounds checking when handling...

CVE-2019-2276

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607,...

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service divide-by-zero error and reboot via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162...

CVE-2020-12140

A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames...

CVE-2024-41992

Wi-Fi Alliance wfadut in Wi-Fi Test Suite through 9.0.0 allows OS command injection via 802.11x frames because the system library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a L...

CVE-2023-25667

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2021-22642

An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system...

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame...

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames...