Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013407 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting at a...

CVE-2026-30867

CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...

CVE-2026-30867

CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...

CVE-2026-4958

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

CVE-2026-4958

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

OESA-2026-1570 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect...

freerdp: FreeRDP: Denial of Service and potential code execution via use-after-free vulnerability

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit this vulnerability when a client connects to it. Specifically, offscreen bitmap deletion can lead to a use-after-free UAF condition, where the client attempts to use memory that has...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387873)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387873 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snduna is properly initialized on connect This is strictly related to commit...

DEBIAN-CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

kernel: mptcp: ensure snd_nxt is properly initialized on connect

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snduna: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 mptcpcleanuna+0x4b3/0x620 net/mptcp/protocol.c:1005 Modules...

UBUNTU-CVE-2024-36889

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snduna: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 mptcpcleanuna+0x4b3/0x620 net/mptcp/protocol.c:1005 Modules...

SUSE CVE-2014-9018

Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors...

Sonicwall < 8.1.0.6-21sv - gencsr.cgi Command Injection Exploit

Exploit for cgi platform in category web applications Exploit Title: Sonicwall gencsr CGI Remote Command Injection Vulnerablity Date: 12/24/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.6-21...

Sonicwall SRA 8.1.0.2-14sv gencsr.cgi Command Injection

Exploit Title: Sonicwall gencsr CGI Remote Command Injection Vulnerablity Date: 12/24/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.6-21sv Tested on: 8.1.0.2-14sv CVE : awaiting cve vuln:...

Sonicwall SRA 8.1.0.2-14sv Remote Command Execution

Exploit Title: Sonicwall extensionsettings scriptname Remote Command Injection Vulnerablity Date: 12/25/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.2-14sv Tested on: 8.1.0.2-14sv CVE :...

Sonicwall 8.1.0.2-14sv - &#039;viewcert.cgi&#039; Remote Command Injection (Metasploit)

Exploit Title: Sonicwall viewcert.cgi CGI Remote Command Injection Vulnerablity Date: 12/24/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.2-14sv Tested on: 8.1.0.2-14sv CVE : awaiting cve...

CVE-2016-6145

The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailederroronconnect option is not supported or is configured as "False," which allows remote attackers to enumerat...

DEBIAN-CVE-2014-9018

Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors...

UBUNTU-CVE-2014-9018

Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors...

CVE-2014-9018

Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors...