PT-2026-43799

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF subsystem where the BPF PROG DETACH operation on tcx or netkit devices could be executed by any user if no program file descriptor prog fd was provided. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, requiring CAPNETADMIN for the initial namespace...

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. "In the last 24 hours, we have identified a number of cases where the exploit was to a device th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000695 advisory. The tipcmsgbuild function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002381 advisory. The fib6add function in net/ipv6/ip6fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a deni...

EUVD-2006-2124

Malware in sbrugna...

EUVD-2006-5846

Malware in sbrugna...

EUVD-2023-50540

Malicious code in bioql PyPI...

CVE-2024-20438

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this...

D-Link DIR-846W Command Execution Vulnerability

D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. The D-Link DIR-846W suffers from a command execution vulnerability that stems...

D-Link DAP-1325 SubnetMask Command Injection Vulnerability

D-Link DAP-1325 is a wireless access point/bridge made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network to wireless network or connect different wireless networks. The D-Link DAP-1325 suffers from a command injection vulnerability th...

D-Link DIR-2640 Authentication Bypass Vulnerability

The D-Link DIR-2640 is a high power Wi-Fi router manufactured by the Chinese company AUO D-Link, which is mainly used to provide wireless network connectivity. The D-Link DIR-2640 suffers from an authentication bypass vulnerability that stems from the HNAP PrivateLogin authentication bypass...

kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()

A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...

CVE-2023-51617

D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability...

CVE-2023-41211

D-Link DAP-1325 SetHostIPv6StaticSettings StaticPrefixLength Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to...

CVE-2023-41192

D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

CVE-2023-41194

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

The vulnerability of the sub_424320() function in D-Link DIR-823G router’s software allows a hacker to induce a service failure.

The vulnerability of the sub424320 function in D-Link DIR-823G router microprogramming software is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by sending a specially crafted HNAP1/SetIgnoreWizardConfig request...

D-Link DIR-822 安全漏洞

The D-Link DIR-822 is a wireless router from China's AUO D-Link. An access control error vulnerability exists in the D-Link DIR-822+ version V1.0.2, which stems from a login bypass issue in the HNAP1 interface that can be exploited by an attacker to log in to the administrator account using an...

What is Traffic Shaping ?

Unraveling the Enigma of Traffic Modulation Within the realm of digital information, data traffic parallels a high-speed freeway, ferrying packets of details to-and-fro. So what transpires when there's an excessive influx, leading to an overburdened data expressway? This is where the enigma of...