383 matches found
CVE-2026-51603
CVE-2026-51603 affects Tenda CP3 V3.0 with firmware V31.1.9.91, where the RTSP service is vulnerable to a stack-based buffer overflow via a crafted second SETUP request after a legitimate first SETUP. The issue arises in the second-stage URL routing parser when validating the URL length, allowing...
CVE-2026-53354 arm64: errata: Mitigate TLBI errata on various Arm CPUs
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-53354 arm64: errata: Mitigate TLBI errata on various Arm CPUs
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-50699
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...
EUVD-2026-38795
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...
CVE-2026-50699
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...
CVE-2026-50699 Frappe Framework 17.0.0-dev - Stored XSS in Auto Repeat dashboard schedule rendering
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev. An authenticated attacker with write access to Auto Repeat can persist HTML/JavaScript in referencedocument using a whitelisted write path and trigger script execution when users open the affected Auto...
CVE-2026-50699
Summary: CVE-2026-50699 affects the Frappe Framework (version 17.0.0-dev) and concerns a Stored XSS in the Auto Repeat dashboard rendering. An attacker who has write access to Auto Repeat can persist HTML/JavaScript in the reference_document through a whitelisted write path. When users open the a...
[SECURITY] Fedora 44 Update: python-django5-5.2.15-1.fc44
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
RLSA-2023:7052 Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: The repeatcallcontrol is deallocated if damoncall fails. damoncall for managing repeatcallcontrol of DAMONSYSFS may fail if the kdamond is stopped before the damoncall. This can occur, for example, when the damon...
PT-2026-41719
Name of the Vulnerable Software and Affected Versions Summarize versions prior to 0.15.1 Description A path traversal issue exists in the '/v1/summarize' daemon endpoint. Authenticated users can write files to arbitrary directories by providing an absolute path or directory traversal sequence in...
Tenda AC6 命令注入漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.49multiTDE01 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function fromSetWirelessRepeat in the goform/WifiExtraSet module of the httpd component, which processes...
PT-2026-39562
Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.06.49 multi TDE01 Description A flaw in the httpd component allows remote attackers to perform OS command injection. The issue exists within the fromSetWirelessRepeat function located in the '/goform/WifiExtraSet'...
CLSA-2026-1777454082 pcre2: Fix of 2 CVEs
CVE-2022-1586: fix out-of-bounds read in JIT compilexclassmatchingpath - CVE-2022-41409: diagnose negative repeat value in pcre2test...
Linux Distros Unpatched Vulnerability : CVE-2026-31653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before t...
CLSA-2026-1777308424 pcre2: Fix of CVE-2022-41409
CVE-2022-41409 diagnose negative repeat value in pcre2test subject line upstream 94e1c001 and change pcre2grep length variables from int to sizet to reject negative --buffer-size / --max-buffer-size upstream 7549fdca...
SUSE CVE-2026-31653
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before the damoncall. It could happen, for example, when te damon context was...
DEBIAN-CVE-2026-31653
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before the damoncall. It could happen, for example, when te damon context was...
CVE-2026-31653
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before the damoncall. It could happen, for example, when te damon context was...