CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2025-20340

Cisco IOS XR Software contains an ARP processing vulnerability that can be triggered by an unauthenticated, adjacent attacker sending excessive ARP traffic to the management interface, causing a broadcast storm and DoS. Affected behavior includes degraded device performance, loss of management co...

Cisco IOS XE SD-WAN Software 信息泄露漏洞

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking applied to the Cisco IOS XE network operating system. An information disclosure vulnerability exists in Cisco IOS XE SD-WAN Software that stems from an improper traffic filtering condition, which...

Russian organizations targeted by backdoor masquerading as secure networking software updates

As we were looking into a cyberincident in April 2025, we uncovered a rather sophisticated backdoor. It targeted various large organizations in Russia, spanning the government, finance, and industrial sectors. While our investigation into the attack associated with the backdoor is still ongoing, ...

ALSA-2025:3833 Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...

CVE-2025-20143

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...

ROS-20230324-01

Vulnerability of Samba networking software package is related to errors in symbolic links processing. links. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server's server file system Vulnerability of unwrapdes and unwrapdes3 functions of GSSAPI...

HumHub Cross-Site Scripting Vulnerability (CNVD-2022-82657)

HumHub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from a cross-site scripting vulnerability that could be exploited by attackers to insert malicious javascript into the space name...

VulnCheck KEV: CVE-2017-12231

A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service...

ROS-20220125-11

A vulnerability in the Http2MultiplexHandler class of the Netty networking software is related to incorrect request processing when converting HTTP/2 stream to HTTP/1.1. The exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity. an attacker acting...

CVE-2021-34714

A vulnerability in the Unidirectional Link Detection UDLD feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due t...

Cisco IOS XE Software 路径遍历漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient input validation. An attacker can exploit this vulnerability by...

CVE-2020-3422

A vulnerability in the IP Service Level Agreement SLA responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service DoS condition. The vulnerability exists because the IP SLA...

Jiaxing Wantsky Information Technology Co., Ltd. OpenSNS_v6.2.0 file upload vulnerabilities exist

OpenSNS is a comprehensive social networking software developed by Thinking Sky. You can use OpenSNS to quickly build a social networking site similar to the same social networking site as New Wave Microblogging. OpenSNSv6.2.0 has a file upload vulnerability that can be exploited by attackers to...

Authorization Bypass

openjdk is vulnerable to authorization bypass. An unspecified vulnerability allows remote attackers to affect integrity via unknown vectors related to Networking...

CVE-2018-15368

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

Omron CX-One Code Execution Cave

Omron CX-One is an integrated toolkit from Omron Corporation of Japan Omron, which includes software for networking, PTs, inverters, temperature controllers, and PLC programming, etc. CX-FLnet, etc. are applications that are integrated into it. A security vulnerability exists in several pieces of...

Samba Patches Two Critical Vulnerabilities in Server Software

Two critical patches for the free networking software Samba were released Tuesday, addressing vulnerabilities that could allow an unprivileged remote attacker to launch a denial of service attack against servers running the software or allow an adversary to change user passwords, including the...