22 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fixed a use-after-free when USB is disconnected. After the powerz_disconnect function frees the URB and releases the mutex, a subsequent powerz_read call can acquire the mutex and call powerz_read_data, which dereferenc...

CVSS 7.8 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 1
Vulnrichment
added 2026/04/30 8:22 p.m. | 1 views

CVE-2026-40951 Memory corruption in Secure Access Windows clients prior to 14.50

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service...

CVSS 6.8 | AI score 5.8 | EPSS 0.00019
Exploits 0 | References 1
NVD
added 2026/04/24 3:16 p.m. | 2 views

CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix use-after-free on USB disconnect. After powerz_disconnect frees the URB and releases the mutex, a subsequent powerz_read call can acquire the mutex and call powerz_read_data, which dereferences the freed URB pointer...

CVSS 7.8 | EPSS 0.00015
Exploits 0 | References 5
Debian CVE
added 2026/04/24 2:42 p.m. | 2 views

CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix use-after-free on USB disconnect. After powerz_disconnect frees the URB and releases the mutex, a subsequent powerz_read call can acquire the mutex and call powerz_read_data, which dereferences the freed URB pointer...

CVSS 7.8 | AI score 5.2 | EPSS 0.00015
Exploits 0
CNNVD
added 2026/02/05 12:00 a.m. | 5 views

Microsoft Edge for Android security vulnerability

Microsoft Edge for Android is a browser in the Android operating system developed by the American company Microsoft. There is a security vulnerability in Microsoft Edge for Android, which stems from improper presentation of key user interface information. This vulnerability may allow unauthorized...

CVSS 6.5 | AI score 6 | EPSS 0.00084
Exploits 0 | References 1
CVE
added 2026/02/04 4:07 p.m. | 11 views

CVE-2026-23073

CVE-2026-23073 (Linux kernel) affects the wifi RSI driver. The root cause is memory corruption caused by not allocating space for the driver data in the trailing-space field of struct ieee80211_vif. Specifically, RSI911x fails to set the vif driver data size, causing writes to vif->drv_priv to...

CVSS 7.8 | AI score 5.3 | EPSS 0.00027
Exploits 0 | References 7 | Affected Software 1
Debian CVE
added 2026/02/04 4:07 p.m. | 6 views

CVE-2026-23073

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size. The struct ieee80211_vif contains trailing space for vif driver data, when struct ieee80211_vif is allocated, the total memory size that is allocated is...

CVSS 7.8 | AI score 5.4 | EPSS 0.00027
Exploits 0
OSV
added 2026/02/04 4:07 p.m. | 6 views

CVE-2026-23073 wifi: rsi: Fix memory corruption due to not set vif driver data size

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size. The struct ieee80211_vif contains trailing space for vif driver data, when struct ieee80211_vif is allocated, the total memory size that is allocated is...

CVSS 7.8 | AI score 5.3 | EPSS 0.00027
Exploits 0 | References 10
Cvelist
added 2025/12/06 9:51 p.m. | 18 views

CVE-2025-40283 Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF. There is a KASAN: slab-use-after-free read in btusb_disconnect. Calling "usb_driver_release_interface(&btusb_driver, data->intf)" will free the btusb data associated with...

EPSS 0.00076
Exploits 0 | References 8
NCSC
added 2025/11/03 8:26 a.m. | 3 views

Vulnerabilities fixed in Arista Networks products

Arista Networks has fixed vulnerabilities in DANZ. The vulnerabilities include several ways for authenticated users with limited privileges to gain access to sensitive systems and data. These include escaping the CLI sandbox, exploiting SSH port forwarding, and making operating system operations...

CVSS 7.8 | AI score 7 | EPSS 0.00045
Exploits 0 | References 1
EUVD
added 2025/10/03 8:07 p.m. | 0 views

EUVD-2023-32634

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 5.9 | EPSS 0.00402
Exploits 0 | References 1
EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2025-29542

Malicious code in bioql PyPI...

CVSS 3.5 | AI score 6.6 | EPSS 0.00028
Exploits 0 | References 2
CNNVD
added 2025/04/09 12:00 a.m. | 1 views

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved information disclosure vulnerability

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc. Juniper Networks Junos OS is a network operating system designed specifically for the company's hardware devices. The operating system provides a secure programming interface and the Junos...

CVSS 6.8 | AI score 6 | EPSS 0.00082
Exploits 0 | References 1
CNNVD
added 2024/12/05 12:00 a.m. | 2 views

Documenso security vulnerability

Documenso is an open source DocuSign alternative to Documenso Open Source. A security vulnerability exists in versions of Documenso prior to 1.8.0 that stems from the user interface misrepresenting critical information, allowing content spoofing...

CVSS 8.2 | AI score 6.5 | EPSS 0.00077
Exploits 0 | References 4
RedHat Linux
added 2024/01/17 2:00 p.m. | 3 views

OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

CVSS 5.9 | AI score 7.2 | EPSS 0.00156
Exploits 0 | References 5
CNNVD
added 2022/09/21 12:00 a.m. | 1 views

Jenkins Walti Plugin cross-site scripting vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site scripting...

CVSS 5.4 | AI score 5.5 | EPSS 0.16253
Exploits 0 | References 3
OSV
added 2022/02/24 5:15 p.m. | 0 views

CVE-2022-22349

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating REST API configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144...

CVSS 4.3 | AI score 6
Exploits 0 | References 2
Kitploit
added 2019/01/02 12:32 p.m. | 57 views

MISP - Malware Information Sharing Platform and Threat Sharing

The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysi...

AI score 6.9
Exploits 0 | References 8
OSV
added 2016/04/27 5:59 p.m. | 0 views

DEBIAN-CVE-2015-8816

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact ...

CVSS 6.8 | AI score 7 | EPSS 0.00085
Exploits 0 | References 1
OSV
added 2016/04/27 5:59 p.m. | 0 views

UBUNTU-CVE-2015-8816

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact ...

CVSS 6.8 | AI score 7.1 | EPSS 0.00085
Exploits 0 | References 3