32 matches found
Astra Linux - vulnerability in linux-5.15
A flaw was discovered in the netdevsim device driver of the Linux kernel, related to the scheduling of events. This issue arises due to improper management of a reference count. This could allow an attacker to create a denial-of-service condition on the system...
WordPress plugin Jetpack CRM security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002675)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002675 advisory. kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain...
ROS-20251217-7323
A vulnerability in the Redis database management system (DBMS) is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
Intel CIP elevation of privilege vulnerability (CNVD-2025-28465)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from mismanagement of privileges and can be exploited by an attacker to cause elevation of...
Code-Projects POS Pharmacy System security vulnerability
Code-Projects POS Pharmacy System is an open source POS pharmacy system from Code-Projects. A security vulnerability exists in Code-Projects POS Pharmacy System version 1.0, which originates from a cross-site scripting attack due to incorrect manipulation of the parameters...
SuperAGI security vulnerability
SuperAGI is an open source infrastructure application from SuperAGI Open Source for building components, tools, frameworks, and models to implement open source AGI. A security vulnerability exists in SuperAGI version v0.0.14, which stems from mismanagement of permissions and could lead to a user...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices SMR Feb-2025 Release 1, which stems from a mismanagement of permissions issue contained in...
CVE-2023-42509
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data...
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times,...
Wireshark security vulnerability
Wireshark (formerly known as Ethereal) is a set of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark suffers from a denial of service vulnerability that stems from not properly...
ShellBot Malware Targets Mismanaged Linux Servers
Summary: ShellBot malware infects mismanaged Linux SSH servers and uses the IRC protocol for C&C.
IVPN Client security vulnerability
IVPN Client is a VPN software client from IVPN Inc. It is used to encrypt Internet activity from hackers, ISPs, and others who have no business logging content that they have not chosen to share. A security vulnerability exists in IVPN Client version 2.6.6120.33863, which stems from the...
CVE-2021-36153
The CVE-2021-36153 entry affects gRPC Swift (GRPCWebToHTTP2ServerCodec.swift) in versions 1.1.0 and 1.1.1. The issue is a mismanaged state when parsing certain gRPC Web requests, which can allow remote attackers to cause a denial of service. Public sources in the connected documents confirm the a...
CVE-2021-36153
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests...
Intel Processors buffer error vulnerability
Intel Processors are American Intel Corporation's offerings for interpreting computer instructions and processing data in computer software. A buffer error vulnerability exists in the firmware of Intel Processors, which arises from mismanagement of system resources by a networked system or produc...
Cisco IOS XE Software ARP Resource Management Exhaustion Denial of Service (cisco-sa-arp-mtfhBfjE)
A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because ARP entries are...
Cisco IOS and IOS XE Software ARP Resource Management Exhaustion Denial of Service Vulnerability
A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. This vulnerability exists because A...
PT-2020-3913 · Microsoft · Windows Active Directory Integrated Dns +1
Name of the Vulnerable Software and Affected Versions: Windows Active Directory integrated DNS (ADIDNS) (affected versions not specified). Description: An information disclosure issue exists due to the mishandling of objects in memory by Active Directory integrated DNS (ADIDNS). This allows an...
The vulnerability of the Windows Delivery Optimization Service in Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Windows Delivery Optimization Service in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created script or application...