etcd: Authorization bypasses in multiple APIs

...

Skill Scanner 安全漏洞

Skill Scanner is an open-source security scanner developed by Cisco AI Defense. Versions of Skill Scanner 1.0.1 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect binding of the API server to multiple interfaces, which may lead to denial-of-service attacks or...

CVE-2025-71082 Bluetooth: btusb: revert use of devm_kzalloc in btusb

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devmkzalloc in btusb This reverts commit 98921dbd00c4e "Bluetooth: Use devmkzalloc in btusb.c file". In btusbprobe, we use devmkzalloc to allocate the btusb data. This ties the lifetime of all the...

CVE-2018-25138

FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...

CVE-2023-53570 wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

DEBIAN-CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

AZL-57890 CVE-2025-21776 affecting package kernel for versions less than 6.6.79.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

UBUNTU-CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

AZL-48741 CVE-2024-44997 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkwed: fix use-after-free panic in mtkwedsetuptcblockcb When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cbpriv was fre...

PT-2024-6979 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free panic in the mtk wed setup tc block cb function. When there are multiple ap interfaces on one band and with WED on, turning the interface down...

CVE-2023-44182 Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple users interfaces affects confidentiality and integrity of device operations

An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion o...

CVE-2022-43366

IP-COM EW9 V15.11.0.149732 allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces...

SUSE-RU-2022:2145-1 Recommended update for SUSE Manager Proxy 4.1

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Adapted to build on Enterprise Linux. - Fix build for Red Hat 7 - Require Go = 1.14 also for CentOS - Add support for CentOS - Replace %?systemdrequires with %?systemdordering...

cPanel 注入漏洞

cPanel is a set of Web-based host control management system of the U.S. cPanel. A URL parameter injection vulnerability exists in multiple interfaces in versions of cPanel prior to 90.0.17. No detailed vulnerability details are provided at this time...

UBUNTU-CVE-2016-5400

Memory leak in the airspyprobe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service memory consumption via a crafted USB device that emulates many VFLTYPESDR or VFLTYPESUBDEV devices and performs many...