Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Added verification for the maxfrequency value provided by the firmware. If the value of maxspeedhz is 0, it may cause a division by zero error in the function hisicalceffectivespeed. The value of maxspeedhz is...

aloni (>=0.2.1 <=0.2.3), code-exec-hz (>=1.0.0 <=1.0.1) +6 more potentially affected by CVE-2026-42544 via granian (>=1.3.2 <=2.6.1)

granian PYPI version =1.3.2, =0.2.1, =1.0.0, =2.5.10, =1.0.0, =0.2.0, =0.0.1, =2025.1.0, =0.1.1, =0.3.1 Source cves: CVE-2026-42544 Source advisory: OSV:GHSA-VRG7-482J-P6F6...

CVE-2026-31603 staging: sm750fb: fix division by zero in ps_to_hz()

In the Linux kernel, the following vulnerability has been resolved: staging: sm750fb: fix division by zero in pstohz pstohz is called from hwsm750crtcsetmode without validating that pixclock is non-zero. A zero pixclock passed via FBIOPUTVSCREENINFO causes a division by zero. Fix by rejecting zer...

EUVD-2012-4151

Malware in sbrugna...

CVE-2025-11326

CVE-2025-11326 affects Tenda AC18 (version 15.03.05.19(6318)). The vulnerability resides in the wifi_chkHz handling of the /goform/WifiMacFilterSet file, where input length validation can cause a stack-based buffer overflow. This can be exploited remotely, and multiple sources note that an exploi...

UBUNTU-CVE-2024-41148

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...

CVE-2024-41148 Unsafe use of eval() method in rostopic hz tool

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...

UBUNTU-CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of...

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

In June 2024, we discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples we found almost exactly replicate the functionality of the Windows version of the backdoor and differ only in t...

AZL-47364 CVE-2024-42223 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state-xtalhz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pllmfactor. Create a new 64 bit variable to hold the calculations...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the media:dvb-frontends:tda10048 module where state-xtalhz can be as high as 16M during computation, an...

UBUNTU-CVE-2021-47603

In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditdthread could get blocked attempting to send audit records to the userspace audit daemon. With...

Command Execution Vulnerability in HZ Video Security Exchange Access System of Hangzhou HZ Data Technology Co.

Ltd. "HZD", founded in 2003, is a high-tech company specializing in R&D, production and sales in the field of data security and big data. A command execution vulnerability exists in the Hopscotch Video Security Exchange Access System of Hangzhou Hopscotch Data Technology Co., Ltd, which can be...

SUSE CVE-2012-4207

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a tilde character in proximity to a chunk delimiter, which allows remote...

Emerson 396804-01-2 Isolated Digital Input/Output module Detection

Binary data 756526.prm...

Emerson 396570-05-4 Non-isolated High Speed Counter Detection

Binary data 756514.prm...

Arbitrary Code Execution Or Denial Of Service (DoS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Arbitrary Code Execution Or Denial Of Service (DoS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Arbitrary Code Execution Or Denial Of Service (DoS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...