84 matches found
CVE-2026-48247
Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/functions.inc.php (CURLOPT_SSL_VERIFYPEER=false and no CURLOPT_SSL_VERIFYHOST), enabling network‑path MITM interception of outbound HTTPS requests and exposure of API keys or session data. The CVE notes this applies to ...
CVE-2026-48242
Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in importmdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: tests: Fixed a potential NULL dereference in test_cfg80211_parse_colocated_ap(). kunit_kzalloc() may return NULL. Dereferencing it without a NULL check may lead to a NULL dereference. Added a NULL check for ies...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: A potential dereference issue with RCU resources has been fixed in the wilc_parse_join_bss_param() function. In the wilc_parse_join_bss_param() function, the TSF field of the ies structure is accessed after the RCU read-side...
CVE-2026-33907
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS messages that are missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003581)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003581 advisory. A flaw was found in the Linux kernel. A heap-based buffer overflow in the mwifiex_uap_parse_tail_ies() function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memo...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992730 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies(). Fix a slab-out-of-bounds read that...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992489)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992489 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies(). Fix a slab-out-of-bounds read that...
kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies(). Fix a slab-out-of-bounds read that occurs in kmemdup() called from brcmf_get_assoc_ies(). The bug could occur when assoc_info->req_len, data from a URB provided by a USB device, i...
CVE-2025-39957
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G. Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() and subsequent WARN in...
CVE-2025-39957 wifi: mac80211: increase scan_ies_len for S1G
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G. Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() and subsequent WARN in...
CVE-2025-39957
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G. Currently the S1G capability element is not taken into account for the scan_ies_len, which leads to a buffer length validation failure in ieee80211_prep_hw_scan() and subsequent WARN in...
EUVD-2015-8989
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414320)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414320 advisory. A slab-out-of-bounds read problem was found in brcmf_get_assoc_ies() in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel. This issue could...
EUVD-2024-30809
Malicious code in bioql PyPI...
EUVD-2023-37287
Malicious code in bioql PyPI...
CVE-2023-53213 wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies(). Fix a slab-out-of-bounds read that occurs in kmemdup() called from brcmf_get_assoc_ies(). The bug could occur when assoc_info->req_len, data from a URB provided by a USB device, i...
CVE-2025-21449 Buffer Over-read in WLAN Embedded SW
Transient DOS may occur while processing a malformed length field in SSID IEs...
CVE-2023-33098
Transient DOS while parsing WPA IEs, when passed with a length greater than the expected size...
ies.lublin.pl Cross Site Scripting vulnerability OBB-4047403
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...