Astra Linux - уязвимость в webkit2gtk

A port redirection issue has been resolved with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as well as Safari 14.0.3. A malicious website may be able t...

HomeBox 代码问题漏洞

HomeBox is an open-source system developed by SysAdmins Media for home users. Versions of HomeBox prior to 0.24.0-rc.1 contained code vulnerabilities. These vulnerabilities stemmed from the notification program’s functionality, which allowed authenticated users to specify arbitrary URLs without...

GHSA-X288-3778-4HHX Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline

A Server-Side Request Forgery SSRF vulnerability has been identified in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL reconstruction logic directly trusts and consumes user-controlled HTTP headers specifically the Host and X-Forwarded- family t...

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

PT-2026-4716

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ip and port/port validate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

CVE-2026-22982

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

CVE-2026-22982

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

Server-Side Request Forgery (SSRF)

PowerJob is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of the targetIp and targetPort parameters in the checkConnectivity function of PingPongUtils, allowing attackers to trigger server-side network requests to arbitrary destinations...

CVE-2025-54469

A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...

EUVD-2016-4837

Malware in sbrugna...

CVE-2022-50475

CVE-2022-50475 : In the Linux kernel, the RDMA/core path fixes an issue where the ib_port structure could be invalid when accessing a sysfs node. The vulnerability arises if ib_port is not properly set before adding the sysfs kobject and not reset after its removal, which could lead to a NULL poi...

CVE-2022-50475 RDMA/core: Make sure "ib_port" is valid when access sysfs node

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ibport" is valid when access sysfs node The "ibport" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs node: Unable to handle...

EUVD-2021-7263

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the mlx5ibgethwstats function not properly validating the port number when processing device statistics, which...

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Validates nvmelocalport correctly The driver load failed with the following error message: qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef And there was a kernel crash: BUG: Unable to handle ...

CVE-2025-21689 USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()

In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2processreadurb This patch addresses a null-ptr-deref in qt2processreadurb due to an incorrect bounds check in the following: if newport serial-numports deverr&port-dev, "%s - port...

DEBIAN-CVE-2024-42286

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvmelocalport correctly The driver load failed with error message, qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer...

UBUNTU-CVE-2024-42286

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvmelocalport correctly The driver load failed with error message, qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer...