Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a NIC reset when reading statistics, which could lead to a null pointer dereference...

[SECURITY] Fedora 42 Update: containernetworking-plugins-1.9.0-1.fc42

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

CVE-2025-67499

A flaw was found in the CNI Container Network Interface portmap plugin. This vulnerability allows containers to intercept all traffic destined for a host port via inadvertent forwarding of traffic with the same destination port when the plugin is configured with the nftables backend, ignoring the...

EUVD-2025-175310

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary, specifically in the sub40BFA4 function that handles network interface reinitialization from '/var/system/linuxvlanreinit'. Input is only partially validated by checking...

CVE-2025-60683

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary, specifically in the sub40BFA4 function that handles network interface reinitialization from '/var/system/linuxvlanreinit'. Input is only partially validated by checking...

CVE-2025-60683

The CVE-2025-60683 entry concerns the TOTOLINK ToToLink A720R Router firmware (V4.1.5cu.614_B20230630). The sysconf binary’s sub_40BFA4 handling of network interface reinitialization from '/var/system/linux_vlan_reinit' concatenates unescaped input into shell commands after only partial validatio...

CVE-2024-32011

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to run arbitrary commands via the user interface. This user interface can be used via the network and allows the execution of commands as administrative application use...

CVE-2024-32011

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to run arbitrary commands via the user interface. This user interface can be used via the network and allows the execution of commands as administrative application use...

PT-2025-46536

Name of the Vulnerable Software and Affected Versions Spectrum Power 4 versions prior to 4.70 SP12 Update 2 Description The application is susceptible to arbitrary command execution through the user interface. This interface is accessible over the network, enabling command execution with...

Siemens Spectrum Power 安全漏洞

Siemens Spectrum Power is an energy management system from Siemens, Germany. A security vulnerability exists in Siemens Spectrum Power 4 versions prior to V4.70 SP12 Update 2, which originates from a user interface that can run arbitrary commands over the network, potentially resulting in the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989586 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989337 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989826)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989826 advisory. In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989264 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igbcleantxring Fix the following use-after-free bug in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989166)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989166 advisory. In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rndis-notifyreq becoming stale after a bind-unbind loop, which could lead to a null pointer dereference...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35915)

nfc: nci: Fix uninit-value in ncidevup and ncintfpacket This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503499; scriptversion"1.2";...

USN-7816-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain sensitive information, or cause the network interface to crash, resulting in a denial of service...

EUVD-2019-7639

Malware in sbrugna...

EUVD-2019-16511

Malware in sbrugna...