CVE-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211chanbwchange for APVLAN stations ieee80211chanbwchange iterates all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on APVLAN interfaces e.g. 4addr WDS clients,...

EUVD-2025-176471

Malicious code in sed-sed-link-data-root npm...

CVE-2025-40131

The CVE-2025-40131 entry concerns the Linux kernel address space of the ath12k wireless driver. In monitor mode, peer_id assignment could remain invalid because rxcb->peer_id is not updated for RX frames that bypass the normal RX descriptor path. This caused the peer to be NULL and left link_i...

CVE-2025-53838

LinkAce (prior to 2.1.9) is affected by a stored XSS vulnerability due to insufficient filtering/escaping of user-supplied data in link attributes. An attacker can save malicious JavaScript in the database, which executes in a user’s browser when a crafted link is clicked (one-click XSS). The iss...

CVE-2025-20920

Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory...

SUSE CVE-2024-57805

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream re-start might happen without closing of the stream. This leaves a short time for other streams to...

WordPress Plugin "Forminator" vulnerable to cross-site scripting

Overview WordPress Plugin "Forminator" provided by WPMU DEV assists building web forms. When accessing the page including the web form created with Forminator, some information from the URL may be embedded to the web form. This feature processes the embedded information improperly, leading to...

UBUNTU-CVE-2024-43911

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

CVE-2024-35860

CVE-2024-35860 affects the Linux kernel. The issue is a runtime dependency in bpf_link where, after the link’s refcnt hits zero, active BPF programs may still access link data. The patch adds two deallocation callbacks (synchronous and deferred) and makes bpf_link_free() schedule deallocation aft...

PT-2023-4845 · D Link · D-Link Dap-2622

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2622 affected versions not specified Description: The issue is related to a buffer overflow in the DDP service of the D-Link DAP-2622 wireless access point firmware. This can be exploited by a remote attacker to execute arbitrary...

Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine

Welcome to this weeks edition of the Threat Source newsletter. Were written a ton about Cisco Talos support of Ukraine and our friends and allies there. Now, we encourage you to watch and listen to the folks who have been working hands-on there. The latest episode of ThreatWise TV from Hazel Burt...

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

CVE-2022-26054

Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link...

Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-53805)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...

Cybozu Garoon 安全漏洞

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...