CVE-2023-48957

PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers...

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider ISP to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highlan...

Major ISP Accused of Mass Malware Attack on Customers

A major South Korean ISP is accused of installing malware on over 600,000 customers’ PCs to curb torrent…...

Malicious code in isp-orion-theme (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2534 Malicious code in isp-orion-theme (npm)

--- -= Per source details. Do not edit below this line.=-...

Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions

Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. "This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could've...

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

More than 600,000 small office/home office SOHO routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023,...

SUSE CVE-2023-52660

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQFSHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will ha...

CVE-2023-52660

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQFSHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will ha...

UBUNTU-CVE-2023-52660

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQFSHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will ha...

CVE-2023-52660 media: rkisp1: Fix IRQ handling due to shared interrupts

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQFSHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will ha...

PT-2024-14683

Name of the Vulnerable Software and Affected Versions Linux kernel versions up to 6.1.82 Linux kernel versions up to 6.6.22 Linux kernel versions up to 6.7.10 Description The issue arises from the driver requesting interrupts as IRQF SHARED, allowing interrupt handlers to be called at any time. I...

CVE-2024-32890 Stored Cross-site Scripting in results JSON API in librespeed/speedtest

librespeed/speedtest is an open source, self-hosted speed test for HTML5. In affected versions missing neutralization of the ISP information in a speedtest result leads to stored Cross-site scripting in the JSON API. The processedString field in the ispinfo parameter is missing neutralization. It...

CVE-2024-32890

The CVE-2024-32890 entry describes a stored cross-site scripting (XSS) in LibreSpeed speedtest. Affected are LibreSpeed speedtest instances running version 5.2.5 or higher with telemetry enabled. The vulnerability arises from missing neutralization in the ispinfo.processedString field of the tele...

PT-2024-24943 · Unknown · Librespeed Speedtest

Name of the Vulnerable Software and Affected Versions: librespeed/speedtest versions 5.2.5 through 5.3.0 Description: The issue arises from missing neutralization of the ISP information in a speedtest result, leading to stored Cross-site scripting in the JSON API. The processedString field in the...

The Power of ISP Proxies: Unlocking Local Content and Resources

By Owais Sultan Modern advancements have tilted the world into a tightly-knit web. Accessing localized content and resources can be hard… This is a post from HackRead.com Read the original post: The Power of ISP Proxies: Unlocking Local Content and Resources...

CVE-2023-52589

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1ispstop and rkisp1csidisable the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in the stop procedure. This is...

DEBIAN-CVE-2023-52589

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1ispstop and rkisp1csidisable the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in the stop procedure. This is...

UBUNTU-CVE-2023-52589

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1ispstop and rkisp1csidisable the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in the stop procedure. This is...

CVE-2023-52589 media: rkisp1: Fix IRQ disable race issue

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1ispstop and rkisp1csidisable the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in the stop procedure. This is...