Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The race condition related to PreauhHashValue has been fixed. If a client sends multiple session setup requests to ksmbd, a race condition related to PreauhHashValue may occur. There is no need to free sess-PreauhHashValue...

CVE-2026-26792

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in the setupgrade function via the modemurl, targetversion, currentversion, firmwareupload, hashtype, hashvalue, and upgradetype parameters. These vulnerabilities allow attackers to execute arbitrary...

PT-2026-25025

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in the set upgrade function via the modem url, target version, current version, firmware upload, hash type, hash value, and upgrade type parameters. These vulnerabilities allow attackers to execute...

Linux Distros Unpatched Vulnerability : CVE-2026-2302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

PT-2026-7435

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from hash may allow for executing arbitrary Ruby code...

CVE-2025-47369

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a weak hash value returned to userland code in response to an IOCTL call to obtain a session ID, which could lead to information disclosure...

PT-2026-1540

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An information disclosure issue exists due to a weak hashed value being returned to userland code in response to an IOCTL call used to obtain a session ID. This could potentially allow unauthorized...

CVE-2021-47712

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...

PT-2025-52301

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A cryptography issue exists in Kentico Xperience that may allow attackers to manipulate URL hash values by exploiting existing hashing mechanisms. A hotfix introduces an additional...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper enforcement of the SIGHASH value in the signature verification process. An attacker can submit non-compliant signatures that are incorrectly accepted as valid by providing...

Intel® Slim Bootloader Advisory

Summary: A potential security vulnerability in the Intel® Slim Bootloader may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35968 Description: Protection mechanism failure in the UEFI firmware fo...

EUVD-2020-6561

Malware in sbrugna...

EUVD-2025-24028

Malicious code in bioql PyPI...

EUVD-2022-7605

Malicious code in bioql PyPI...

Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the PreauthHashValue field. The issue results from the lack of proper locking...

Linux Distros Unpatched Vulnerability : CVE-2025-38561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to...

DEBIAN-CVE-2025-38561

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...

CVE-2025-38561 ksmbd: fix Preauh_HashValue race condition

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...

CVE-2025-55013

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...