ROS-20260608-73-0005

The vulnerability of the .NET software platform lies in the execution of a loop with an exit condition that is not met. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

[SECURITY] Fedora 43 Update: perl-HTTP-Tiny-0.094-1.fc43

This is a very simple HTTP/1.1 client, designed for doing simple GET requests without the overhead of a large framework like LWP::UserAgent. It is more correct and more complete than HTTP::Lite. It supports proxies currently only non-authenticating ones and redirection. It also correctly resumes...

ROS-20260605-73-0044

The vulnerability in Tomcat10 is related to unlimited resource allocation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVE-2026-36175

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...

CVE-2026-36175

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...

PT-2026-46244

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...

CVE-2026-36175

Technical details enabling exploitation are not publicly available in the provided documents. The GNCC GP5 U-Boot vulnerability description is repeated across sources; monitor for updated advisories or technical specifics.

Dräger SC Monitoring devices 安全漏洞

The Dräger SC Monitoring devices are a series of clinical vital signs monitoring devices produced by the German company Dräger. There is a security vulnerability in the Dräger SC Monitoring devices; this vulnerability arises from the possibility of sending malformed network packets, which may cau...

CVE-2019-25721

Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. Attackers can exploit...

CVE-2019-25723

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

CVE-2019-25723

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

CVE-2019-25723 Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

EUVD-2019-20159

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

CVE-2019-25721 Dräger Infinity M300 VG2.3.1 Network-Based Denial of Service

Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. Attackers can exploit...

PT-2026-45812

Name of the Vulnerable Software and Affected Versions Dräger Perseus A500 versions 2.00 through 2.02 Description Improper input handling allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. This can overlo...

PT-2026-45810

Name of the Vulnerable Software and Affected Versions Dräger Infinity M300 versions prior to VG2.3.2 Description A network-based denial of service issue exists that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. This...

CVE-2026-46073

A flaw was found in the Linux kernel's hwmon subsystem, specifically within the powerz driver. When a signal interrupt occurs during the waitforcompletioninterruptibletimeout function, the system fails to properly abort the USB Request Block URB. This oversight can lead to the kernel attempting t...

EUVD-2026-31819

The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using built-in Node.js modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have a security vulnerability: sandbox code can call Buffer.alloc to allocate memory of arbitrary...

CVE-2026-42276 Onyx: IDOR in /chat/stop-chat-session allows any authenticated user to interrupt other users chat sessions

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...