1377 matches found
CVE-2026-10658 Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS
A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...
[SECURITY] Fedora 43 Update: alertmanager-0.33.0-1.fc43
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It a lso takes care of silencing and inhibition of alerts...
GHSA-W5CV-PW74-4RXC opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication
githubreceiver Silently Ignores Configured requiredheaders Authentication Summary The githubreceiver webhook handler does not enforce the requiredheaders configuration. Headers are validated at startup config rejects empty keys/values but never checked on incoming requests. This follows the same...
CVE-2026-47209
vm2 (Node.js sandbox) had a vulnerability in the BaseHandler.set trap that ignores the receiver parameter and always writes to the host target, enabling inherited-property writes to leak onto host objects via prototype chains. This can allow attackers to assign Symbol-keyed properties (e.g., node...
The Chronicles of Radio Frequency Fingerprinting
Radio Frequency Fingerprinting RFF has evolved from an early idea for radar emitter identification into a broad research field for wireless device identification and spectrum monitoring for security. Rather than presenting a conventional literature survey, this work provides a critical historical...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21033
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
EulerOS Virtualization 2.13.1 : rsync (EulerOS-SA-2026-2150)
According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...
CVE-2025-41278
Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Host...
CVE-2025-41280
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal Zip Slip in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is enabled...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
OESA-2026-2552 rsync security update
Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...
OESA-2026-2551 rsync security update
Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...
OESA-2026-2550 rsync security update
Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...
OESA-2026-2549 rsync security update
Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...
EUVD-2026-34805
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...
CVE-2026-49189 Broadcast Receiver Privilege Escalation
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...