1497 matches found
CVE-2025-57835
CVE-2025-57835 affects Samsung Exynos/Modem devices (e.g., Exynos 980/990/850/1080/2100/etc.) with RRC in Samsung Mobile Processor, Wearable Processor, and Modems. Root cause: improper memory initialization causing illegal memory access via a malformed RRCReconfiguration message, leading to a sys...
CVE-2026-23555
A flaw was found in Xenstored, the daemon responsible for the Xenstore key-value store in Xen virtual machines. An unprivileged guest can exploit this vulnerability by issuing a Xenstore command that accesses a node using an illegal node path. This can cause Xenstored to crash, leading to a Denia...
CVE-2026-23555
Any guest issuing a Xenstore command accessing a node using the illegal node path "/local/domain/", will crash xenstored due to a clobbered error indicator in xenstored when verifying the node path. Note that the crash is forced via a failing assert statement in xenstored. In case xenstored is...
Xen 安全漏洞
Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has a security vulnerability, which...
CLSA-2026-1773048865 kernel: Fix of 53 CVEs
xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...
Oracle Linux 8 : gcc-toolset-14-binutils (ELSA-2026-2627)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2627 advisory. 2.41-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130636 Thu Feb 20 2025 Nick Clifton - Backport fixes for PR 32082 and P...
OPENSUSE-SU-2026:20122-1 Security update for python-h2
This update for python-h2 fixes the following issues: - CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737...
CVE-2025-41082
Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...
PT-2026-4738
Illegal HTTP request traffic vulnerability CL.0 in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which...
EVerest security vulnerabilities
EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2025.12.1 contain security vulnerabilities. These vulnerabilities stem from a vulnerability that allows bypassing sequence state verification and authentication, potentiall...
PT-2026-4826
Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.12.1 Description EVerest is an EV charging software stack susceptible to a bypass of sequence state verification, including authentication. This allows sending requests that transition to forbidden states,...
MiracleLinux 8 : vim-8.0.1763-16.el8.4 (AXSA:2022-3035:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3035:01 advisory. vim: heap-based buffer overflow in winredrstatus in drawscreen.c CVE-2021-3872 vim: illegal memory access in findstartbrace in cindent.c when...
MiracleLinux 7 : libsolv-0.6.34-4.el7 (AXSA:2019-4081:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4081:02 advisory. libsolv: NULL pointer dereference in function testcaseread CVE-2018-20532 libsolv: NULL pointer dereference in function testcasestr2depcomplex...
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...