TOTOLINK X5000R 安全漏洞

TOTOLINK X5000R is a router produced by TOTOLINK, a Chinese company. The TOTOLINK X5000R V9.1.0cu.2415B20250515 version contains a security vulnerability. This vulnerability stems from insufficient boundary checking of the CONTENTLENGTH environment variable in the /cgi-bin/cstecgi.cgi file. It ma...

CVE-2025-67445

CVE-2025-67445 affects TOTOLINK X5000R (v9.1.0cu.2415_B20250515) in the /cgi-bin/cstecgi.cgi CGI. The issue stems from reading CONTENT_LENGTH and calling malloc(CONTENT_LENGTH + 1) without proper bounds checks. A crafted large POST request can exhaust memory or cause a segmentation fault when the...

AZL-78461 CVE-2026-22982 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

UBUNTU-CVE-2026-22982

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

EUVD-2025-203774

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface When performing reset tests and encountering abnormal card drop issues that lead to a kernel crash, it is necessary to perform a null check before...

CVE-2025-52666

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...

USN-7816-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain sensitive information, or cause the network interface to crash, resulting in a denial of service...

EUVD-2015-3369

Malware in sbrugna...

PT-2025-28805 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.10 Description: A critical vulnerability exists in the D-Link DIR-825 router. This issue affects the sub 410DDC function within the switch language.cgi file of the httpd component. Manipulation of the Language paramet...

CVE-2024-28077

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters such as half...

CVE-2019-5445

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the inability of commands to refresh back to the SCSI layer, resulting in a system crash...

CVE-2024-26723 lan966x: Fix crash when adding interface under a lag

In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when adding interface under a lag There is a crash when adding one of the lan966x interfaces under a lag interface. The issue can be reproduced like this: ip link add name bond0 type bond miimon 100 mode...

Memory corruption

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...

PT-2023-35870 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue was identified, potentially causing a crash. The crash occurs in the NetworkInterface::dissectPacket function, as...

Ubuntu 18.04 LTS : Linux kernel (Dell300x) vulnerabilities (USN-5861-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5861-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote...

MGASA-2022-0477 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.82 and fixes atleast the following security issues: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver,...

SUSE-SU-2022:4505-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-42328: Guests could trigger denial of service via the netback driver bnc120611...

CVE-2022-3643

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an unwritten? assumption in the rest of the Linux network stack that packet...

PT-2022-6166 · Cisco +6 · Cisco +6

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to the Linux network backend, specifically the netback driver, where a guest can trigger a NIC interface reset, abort, or crash by sending certain kinds of packets. This ...