Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: hns3 – fixed a use-after-free bug in hclgevfsendmbxmsg. Currently, the hns3remove function first uninstalls the client instance, and then uninstalls the deletion engine device. The netdevice is freed during the client instan...

CVE-2025-68812

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in irisvb2stopstreaming. If inst-state is already IRISINSTERROR, we should skip the streamoff operation because it would still send packets to the firmware. In...

PT-2026-2544

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in iris vb2 stop streaming. If inst-state is already IRIS INST ERROR, we should skip the stream off operation because it would still send packets to the firmware. ...

Prototype Pollution

parse is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the SingleInstanceStateController.initializeState function, which allows an attacker to inject malicious properties into Object.prototype via a crafted payload, leading to denial of...

CVE-2023-30624

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...

DEBIAN-CVE-2021-47596

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevfsendmbxmsg Currently, the hns3remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client instance uninstall process...

UBUNTU-CVE-2021-47596

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevfsendmbxmsg Currently, the hns3remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client instance uninstall process...

Important: ecs-service-connect-agent

Issue Overview: Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issu...

Wasmtime 安全漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. A security vulnerability exists in wasmtime versions 6.0.1 and earlier, 7.0.0, and 8.0.0, which stems from the fact that Wasmtime's implementation of managing per-instance state e.g.,...

Aruba Networks ClearPass Policy Manager 安全漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager that could allow an attacker with read-only privileges to perform an action th...

Qualys Cloud Platform 2.38 New Features

This release of the Qualys Cloud Platform version 2.38 includes updates and new features for AssetView, Web Application Firewall, and Web Application Scanning, highlights as follows. AssetView Azure Instance State search token and Dynamic Tag Support – A new search token "azure.vm.state" is added...

Code Execution Vulnerability in LotWan WAN Optimization System

AppEx LotWan is a WAN optimization and acceleration product. A remote command execution vulnerability exists in AppEx LotWan, which exists in /acc/checkinstancestate.php and can be exploited by an attacker to execute system commands without authorization...