Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ethernet: Hisilicon: HNS: hnsdsafmisc: A possible array overflow has been fixed in hnsdsafgesrstbyport. The if statement limits the value of port to be less than DSAFGENUM i.e., 8. However, if the value of port is 6 or 7, an arra...

PT-2026-33761

Name of the Vulnerable Software and Affected Versions Progress ADC LoadMaster affected versions not specified Description An OS command injection flaw in the API allows an authenticated attacker with Geo Administration permissions to execute arbitrary commands on the appliance. This is possible d...

CVE-2026-1762

A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions...

CVE-2026-1763

Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...

CVE-2026-1763

Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...

CVE-2026-1762

A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions...

CVE-2026-1763 Enervista UR Setup DLL Hijacking

Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...

CVE-2026-1762

A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation. Affected product: Enervista UR Setup, version 8.6 and earlier. Root cause and concrete impact are described as file manipulation with a CVSS v3.1 base score 2.9 (LOW); attack vector: Physical, attack complexity:...

PT-2026-7466

Name of the Vulnerable Software and Affected Versions GE Vernova Enervista versions prior to 8.6 Description A security issue exists in GE Vernova Enervista UR Setup on Windows. The issue affects versions prior to 8.6. Recommendations Update to a version newer than 8.6...

GE Vernova Enervista UR Setup 安全漏洞

GE Vernova Enervista UR Setup is an interface configuration and management software for relay protection devices developed by GE Vernova in the United States. Versions of GE Vernova Enervista UR Setup prior to version 8.6 contained security vulnerabilities, which were due to a vulnerability relat...

CVE-2020-23058

An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data...

CVE-2021-27418

GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTM...

CVE-2021-27430

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR...

CVE-2021-27422

GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication...

CVE-2021-27426

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVE-2021-27428

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...

CVE-2019-16353

Emerson GE Automation Proficy Machine Edition 8.0 allows an access violation and application crash via crafted traffic from a remote device, as demonstrated by an RX7i device...

EUVD-2025-199630

node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization...

Malicious code in lookingan-nakomi45 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63b2c68b0a4909e0c0496e5588d7680361d9180919ed8a5ee521da77b5fb5f94 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-3222

Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows Authentication Abuse.This issue affects Smallworld: 5.3.3 and prior versions for Linux, and 5.3.4. and prior versions for Windows...