Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of NAPI. If we are not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget == 0 to signal that we are not in a safe...

CVE-2026-31640

A flaw was found in the Linux kernel's rxrpc component. This vulnerability occurs in the rxrpcpostresponse function, where the system incorrectly compares a newer network packet's data instead of the expected cached response. This error causes the challenge serial number comparison to always be...

CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2026-20118 Cisco IOS-XR NCS 5500 and NCS 5700 Egress Packet Network Interfaces Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the activation of interrupts before the NAPI context is initialized, potentially leading to kerne...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001327 advisory. An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to...

EUVD-2007-2033

Malware in sbrugna...

EUVD-2025-20915

Malicious code in bioql PyPI...

EUVD-2023-37292

Malicious code in bioql PyPI...

Volkswagen MIB3 Infotainment 安全漏洞

Volkswagen MIB3 Infotainment is an infotainment system on a vehicle from Volkswagen Germany. A security vulnerability exists in the Volkswagen MIB3 Infotainment that stems from a lack of memory isolation between CPU cores, which could allow an attacker to compromise the CPU core responsible for C...

com.farao-community.farao:csa-runner-api (>=1.3.1 <=2.6.1), com.farao-community.farao:csa-runner-app (>=1.3.1 <=2.6.1) +97 more potentially affected by CVE-2025-48059 via com.powsybl:powsybl-iidm-criteria (>=6.3.0 <=6.7.1)

com.powsybl:powsybl-iidm-criteria MAVEN version =6.3.0, =1.3.1, =1.3.1, =1.18.0, =1.18.0, =1.4.0, =1.6.0, =1.12.0, =1.27.0, =1.27.0, =1.27.0, =1.27.0, =1.27.0, =1.24.0, =1.6.2, =1.13.0 and more Source cves: CVE-2025-48059 Source advisory:...

CVE-2024-4741

Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

CVE-2024-4741 Use After Free with SSL_free_buffers

Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

SUSE CVE-2024-44932

In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...

UBUNTU-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

PT-2024-12409 · Qualcomm · Snapdragon +44

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS that occurs while processing CAG info IE received from NW. No information is provided about th...

The vulnerability of the library for processing files and network operations, hutool-json, is related to writing beyond the buffer boundaries in memory. This allows a malicious actor to cause a service failure.

The vulnerability of the hutool-json library for file processing and network operations is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the WLAN microprogramming technology implementation in Qualcomm’s embedded chips allows a intruder to gain unauthorized access to protected information.

The vulnerability of the WLAN microprogramming software implementation in Qualcomm’s embedded chips relates to unvalidated array indexing during the processing of ANQP elements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by sending...