Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A vulnerability was discovered in the HCI socket implementation due to a missing capability check in the net/bluetooth/hcisock.c file within the Linux kernel. This flaw allows an attacker to execute management commands without authorization, compromising the confidentiality, integrity, and...

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from an...

OpenHarness 安全漏洞

OpenHarness is a lightweight development and runtime framework for Data Intelligence Lab@HKU. Previous versions of OpenHarness had security vulnerabilities, which stemmed from insufficient differentiation between local commands and remote secure commands processed by the gateway. This vulnerabili...

Exposure of Data Element to Wrong Session

Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...

TP-LINK Archer C20 security vulnerabilities

The TP-LINK Archer C20 is a router produced by the TP-LINK company. Versions of the TP-LINK Archer C20 prior to v6.0 version number: 6251031 and the TP-Link Archer AX53 prior to version 1.0 version number: 1251215 contained security vulnerabilities. These vulnerabilities were due to logical flaws...

Cross-site Scripting

Overview Affected versions of this package are vulnerable to Cross-site Scripting via api exception. An attacker can trick the user into clicking a specially crafted link, potentially leading to code execution on the target page, theft of session information, and account takeover. Remediation...

EUVD-2021-14616

Malware in sbrugna...

EUVD-2021-14614

Malware in sbrugna...

EUVD-2024-47658

Malicious code in bioql PyPI...

SUSE CVE-2025-39746

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system crashes during resuming due to watchdog timeout...

Zyxel DSL CPE OS Command Injection Vulnerability

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet...

CVE-2024-6593

CVE-2024-6593 describes an Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) for Windows, affecting versions up to 12.10.2. The underlying issue allows an attacker with network access to execute restricted management commands, indicating a privi...

CVE-2024-6593 WatchGuard Firebox Single Sign-On Agent Management Interface Authentication Bypass

Incorrect Authorization vulnerability in WatchGuard Authentication Gateway aka Single Sign-On Agent on Windows allows an attacker with network access to execute restricted management commands. This issue affects Authentication Gateway: through 12.10.2...

PT-2024-6555 · Watchguard · Watchguard Authentication Gateway

Name of the Vulnerable Software and Affected Versions: WatchGuard Authentication Gateway versions through 12.10.2 Description: The issue is related to an Incorrect Authorization vulnerability in the WatchGuard Authentication Gateway, allowing an attacker with network access to execute restricted...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP3) (SUSE-SU-2023:3111-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3111-1 advisory. - A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel...