CVE-2026-34124

TP-Link Tapo C520WS v2.6 contains a DoS in HTTP path parsing: the raw request path length is restricted but path expansion during normalization is not accounted for, enabling adjacent-network attackers to craft requests that may cause buffer overflow and memory corruption, potentially interruptin...

CVE-2026-34124

A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...

PT-2026-29894

Name of the Vulnerable Software and Affected Versions HiOS Switch Platform versions 09.1.00 through 09.4.04 and version 10.3.01. Description The HiOS Switch Platform contains a denial-of-service issue in the web interface. Remote attackers can reboot the affected device by sending a malicious HTT...

PT-2026-29851

A newly disclosed stack buffer overflow CVE-2026-34124 affects specific TP-Link devices within their HTTP server, potentially leading to Denial of Service DoS. The vulnerability is triggered by malformed HTTP GET requests, with the original summary also indicating a similar POST body overflow...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue CVE-2026-23066 In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative datalen in ibumadwrite CVE-2026-23243 In the Linux kernel, the...

Denial of Service Vulnerability in Siemens SICAM 8 Products

The SICAM A8000 RTU Remote Terminal Unit is a modular device for remote control and automation applications in all areas of energy supply.SICAM EGS Enhanced Grid Sensors is a gateway for local substations in the distribution network.The SICAM S8000 offers RTU functionality, PLCs, and communicatio...

CVE-2026-33366

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

EUVD-2026-16551

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

CVE-2026-33366

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

CVE-2026-33366

CVE-2026-33366 concerns BUFFALO Wi-Fi router products with a vulnerability in a critical function that is missing authentication, potentially allowing an attacker to forcibly reboot the device over the network without valid credentials. The issue is described with two CVSS vectors: CVSS3.0 base s...

CVE-2026-33366

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

CVE-2026-33366

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

PT-2026-28477

Name of the Vulnerable Software and Affected Versions BUFFALO Wi-Fi router products affected versions not specified Description A missing authentication check for a critical function allows an attacker to forcibly reboot the product without authentication. There is no information about the number...

CVE-2017-20222

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of...

CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

CVE-2026-20012

The CVE-2026-20012 entry describes a memory-leak DoS in the IKEv2 handling of Cisco IOS, IOS XE, ASA, and FTDS (Threat Defense). Root cause: improper parsing of IKEv2 packets leading to conditions where devices reload (IOS/IOS XE) or exhaust memory to the point of instability (ASA/FTD). Affected ...

CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

Security update for systemd

This update for systemd fixes the following issues: CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. udev: check for invalid chars in various fields...

CVE-2019-25568

Memu Play 6.0.7 contains an insecure file-permissions vulnerability that enables privilege escalation by replacing MemuService.exe in the installation directory with a malicious executable. An attacker can rename/overwrite MemuService.exe, causing the service to run at system level upon reboot. T...