151 matches found
[SECURITY] Fedora 44 Update: podman-tui-1.11.3-1.fc44
podman-tui is a terminal user interface for Podman. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...
GHSA-Q59X-JC9F-GFQF Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery SSRF vulnerability in three administrative endpoints used for remote Signal K server connection management. The makeRemoteRequest function accepts attacker-controlled host, port, useTLS, and...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the magick -distribute-cache process. An attacker can cause a heap buffer overwrite in the server process by connecting to the service. Remediation A fix was pushed into the master branch but not yet...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcievent: Fixed a potential Use-after-Allocation UAF issue in hcileremoteconnparamreqevt. Field access related to hciconn must be protected by the hcidevlock mechanism in hcileremoteconnparamreqevt. Otherwise, it’s...
EUVD-2026-26617
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...
CVE-2026-43018
The CVE-2026-43018 entry is confirmed: a Use-After-Free in Linux kernel Bluetooth HCI event handling (hci_le_remote_conn_param_req_evt) due to insufficient locking during hci_conn lookup/access. The vulnerability arises from hci_conn lookup and field access not always being protected by the hdev ...
CVE-2026-43018
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...
CVE-2026-43018 Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...
CVE-2026-43018 Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...
PT-2026-36435
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the Bluetooth component. In the hci le remote conn param req evt function, the hci conn lookup and field access are not properly protected by the hde...
CVE-2026-33892
A vulnerability has been identified in Industrial Edge Management Pro V1 All versions = V1.7.6 = V2.0.0 = V2.2.0 V2.8.0. Affected management systems do not properly enforce user authentication on remote connections to devices. This could facilitate an unauthenticated remote attacker to circumvent...
CVE-2026-33892
A vulnerability has been identified in Industrial Edge Management Pro V1 All versions = V1.7.6 = V2.0.0 = V2.2.0 V2.8.0. Affected management systems do not properly enforce user authentication on remote connections to devices. This could facilitate an unauthenticated remote attacker to circumvent...
CVE-2026-33892
A vulnerability has been identified in Industrial Edge Management Pro V1 All versions = V1.7.6 = V2.0.0 = V2.2.0 V2.8.0. Affected management systems do not properly enforce user authentication on remote connections to devices. This could facilitate an unauthenticated remote attacker to circumvent...
Malicious code in gridifys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e5ce4a5dacaa769b90c359a5f03065f1d0418808b1ff366fe0d9cf6e21da4dd2 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
EUVD-2025-203895
A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management when specific internal conditions are met. Exploitation requires that a remote connection is established with additional information obtained through othe...
AnyDesk 安全漏洞
AnyDesk is a remote desktop connection software from the German company AnyDesk. A security vulnerability exists in AnyDesk 9.0.4 and earlier versions that originates from a remote connection user with Control My Device privileges can manipulate remote AnyDesk settings and create a password for a...
Oxford Nanopore Technologies MinKNOW 安全漏洞
Oxford Nanopore Technologies MinKNOW is a data acquisition control and monitoring software from Oxford Nanopore Technologies, UK. A security vulnerability exists in Oxford Nanopore Technologies MinKNOW versions prior to 24.11, which stems from an authentication token stored in the system temporar...
EUVD-2006-3810
Malware in sbrugna...
EUVD-2020-8067
Malware in sbrugna...
EUVD-2020-8066
Malware in sbrugna...