389 matches found
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue. There is an out-of-bounds read access to gbe_phy_init_fix[fix_idx].addr during each iteration after fix_idx reaches ARRAY_SIZE(gbe_phy_init_fix). Ensure that gbe_phy_init[addr] is used when...
CVE-2025-63409
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...
CVE-2026-27521 Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...
CVE-2026-27517 Binardat 10G08-0800GSM Network Switch XSS
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript in the context of an authenticated user...
CVE-2026-27515
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 expose predictable numeric session identifiers in the web management interface, allowing an attacker to guess valid session IDs and hijack authenticated sessions. The issue is located in the web management session han...
CVE-2026-27515 Binardat 10G08-0800GSM Network Switch Predictable Session Identifiers
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions...
PT-2026-21758
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can...
CVE-2025-24851
Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This...
CVE-2025-63353
A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password (WPA/WPA2 pre-shared key) to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989426)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989426 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling. usb_assign_descriptors() is called with 5 parameters...
SUSE CVE-2025-39957
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G. Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() and subsequent WARN in...
CVE-2025-39957
CVE-2025-39957 affects the Linux kernel wireless stack (wifi: mac80211) where S1G capability length was not accounted for in scan_ies_len, causing a buffer length validation failure in ieee80211_prep_hw_scan() and a WARN in __ieee80211_start_scan(). The fix adds S1G length to the calculation to e...
EUVD-2010-4236
Malware in sbrugna...
EUVD-2000-0696
Malware in sbrugna...
EUVD-2008-3795
Malware in sbrugna...
EUVD-2002-1578
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987288)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987288 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadgets null ptr deref on 10gbps cabling. This avoids a null pointer dereference...
EUVD-2025-10969
Malicious code in bioql PyPI...
Intel 800 Series Ethernet Integer Overflow Vulnerability
Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. Intel 800 Series Ethernet suffers from an integer overflow vulnerability that stems from an integer overflow or wrap-around error...