CVE-2026-20118

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2025-20340

Cisco IOS XR Software contains an ARP processing vulnerability that can be triggered by an unauthenticated, adjacent attacker sending excessive ARP traffic to the management interface, causing a broadcast storm and DoS. Affected behavior includes degraded device performance, loss of management co...

Cisco IOS XE SD-WAN Software 信息泄露漏洞

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking applied to the Cisco IOS XE network operating system. An information disclosure vulnerability exists in Cisco IOS XE SD-WAN Software that stems from an improper traffic filtering condition, which...

Russian organizations targeted by backdoor masquerading as secure networking software updates

As we were looking into a cyberincident in April 2025, we uncovered a rather sophisticated backdoor. It targeted various large organizations in Russia, spanning the government, finance, and industrial sectors. While our investigation into the attack associated with the backdoor is still ongoing, ...

ALSA-2025:3833 Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...

CVE-2025-20143

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...

The vulnerability of the Lab Handler component in the EVE-NG multi-user networking emulation software allows a attacker to perform XSS attacks.

The vulnerability of the Lab Handler component in the EVE-NG multi-user networking emulator exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the HTTP-based client profiling function in Cisco IOS XE allows a hacker to trigger a service failure.

The vulnerability of the HTTP-based client profiling function in Cisco IOS XE exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

ROS-20230324-01

Vulnerability of Samba networking software package is related to errors in symbolic links processing. links. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to the server's server file system Vulnerability of unwrapdes and unwrapdes3 functions of GSSAPI...

HumHub Cross-Site Scripting Vulnerability (CNVD-2022-82657)

HumHub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from a cross-site scripting vulnerability that could be exploited by attackers to insert malicious javascript into the space name...

VulnCheck KEV: CVE-2017-12231

A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service...

ROS-20220125-11

A vulnerability in the Http2MultiplexHandler class of the Netty networking software is related to incorrect request processing when converting HTTP/2 stream to HTTP/1.1. The exploitation of the vulnerability could allow an attacker acting remotely to affect data integrity. an attacker acting...

CVE-2021-34714

A vulnerability in the Unidirectional Link Detection UDLD feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due t...

The vulnerability of the vDaemon process in Cisco IOS XE SD-WAN microprogramming software allows a attacker to trigger a service failure.

The vulnerability of the vDaemon microprogramming software for Cisco IOS XE SD-WAN exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted traffic to the vulnerable device...

Cisco IOS XE Software 路径遍历漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A command injection vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient input validation. An attacker can exploit this vulnerability by...

The vulnerability of the ncacn_np function in the Samba networking software package, related to security vulnerabilities, allows attackers to compromise data integrity.

The vulnerability of the ncacnnp function in the Samba networking software package is related to security flaws. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

CVE-2020-3422

A vulnerability in the IP Service Level Agreement SLA responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service DoS condition. The vulnerability exists because the IP SLA...

Jiaxing Wantsky Information Technology Co., Ltd. OpenSNS_v6.2.0 file upload vulnerabilities exist

OpenSNS is a comprehensive social networking software developed by Thinking Sky. You can use OpenSNS to quickly build a social networking site similar to the same social networking site as New Wave Microblogging. OpenSNSv6.2.0 has a file upload vulnerability that can be exploited by attackers to...