EUVD-2025-209824

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

CVE-2025-29338

CVE-2025-29338 affects the NXP moal.ko Wi‑Fi kernel driver (driver version 5.1.7.10) across firmware builds from v17.92.1.p149.43 to v17.92.1.p149.157. The root cause is a stack‑based buffer overflow in the parsing path: woal_setup_module_param allocates a fixed stack buffer and parse_cfg_get_lin...

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

CVE-2025-29338

NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: xen: Speed up the process of reclaiming grant tables When a grant entry is still in use by the remote domain, Linux must place it on a deferred list. Normally, this list is very short, because the PV network and block protocol...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: power: supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, bq27xxxbatteryteardown set pollinterval to 0 to avoid requeuing the delayedwork item during bq27xxxbatteryupdate...

CVE-2026-26795

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

EUVD-2026-11627

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26795

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26795

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26795

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

PT-2026-25027

🔴 CVE-2026-26795 - Critical GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get system log function. This vulnerability allows attackers to e... https://t.co/NCxeIgOxEq https://t.co/P5rgFdajLA...

OpenSTAManager has an SQL Injection in the Stampe Module

Vulnerability Details Location - File: modules/stampe/actions.php - Line: 26 - Vulnerable Code: php case 'update': if !emptyintvalpost'predefined' && !emptypost'module' $dbo-query'UPDATE zzprints SET predefined = 0 WHERE idmodule = '.post'module'; // ↑ Direct concatenation without prepare...

SUSE CVE-2023-54081

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

EUVD-2023-60364

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVE-2023-54081

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVE-2023-54081 xen: speed up grant-table reclaim

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVE-2023-54081

CVE-2023-54081 affects the Linux kernel Xen grant-table reclaim path. When a grant entry is still in use by the remote domain, the VM may accumulate a large deferred-list, causing a severe memory leak and potential VM freeze, notably in Qubes OS due to GUI/window handling constraints. The fix mak...

CVE-2023-54081 xen: speed up grant-table reclaim

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...