D-Link DIR-605L 信任管理问题漏洞

The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L in the Hardware Revision A1 version has a trust management vulnerability. This vulnerability stems from a hard-coded telnet backdoor, which allows unauthorized attackers on the local network to obtain roo...

D-Link DIR-605L 信任管理问题漏洞

The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L Hardware Revision B2 version has a vulnerability related to trust management. This vulnerability stems from a hard-coded telnet backdoor, which allows unauthenticated attackers on the local network to...

D-Link DIR-600L 信任管理问题漏洞

The D-Link DIR-600L is an entry-level wireless router from D-Link Corporation. It supports 150Mbps wireless transmission and has 4 Gigabit wired ports. The DIR-600L has a trust management vulnerability, which stems from a hard-coded telnet backdoor. This vulnerability could allow unauthenticated...

PT-2026-36833

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L Hardware Revision A1 Description A hardcoded telnet backdoor exists where the device starts a telnet daemon at boot via the /bin/telnetd.sh script. The system uses a static username "Alphanetworks" and password "wrgn35 dlwbr...

MiracleLinux 8 : PackageKit-1.1.12-8.el8_10 (AXSA:2026-529:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-529:01 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...

Astra Linux – Vulnerability in xrdp

XRDPT is an open-source remote desktop protocol RDP server. In affected versions, an integer underflow leading to a heap overflow in the SESMAN server allows any unauthenticated attacker who can access the SESMAN server locally to execute code as root. This vulnerability has been patched in versi...

Astra Linux – Vulnerability in open-vm-tools

open-vm-tools contains a file descriptor hijacking vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

Astra Linux – Vulnerability in Ceph

A privilege escalation flaw was discovered in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root through a crash dump, thereby exposing privileged information...

Astra Linux – Vulnerability in firejail

A privilege context switching issue was discovered in the join.c file of Firejail 0.9.68. By creating a fake Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment where the Linux user namespace remains the initial user...

Astra Linux – Vulnerability in pmix

In versions of OpenPMIx PMIx prior to 4.2.6 and 5.0.x before 5.0.1, attackers could obtain ownership of arbitrary files due to a race condition during the execution of library code with a UID of 0...

Astra Linux – Vulnerability in sssd

A flaw was discovered in SSSD, where the sssctl command was vulnerable to shell command injection through the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into executing a specially crafted sssctl command, such as using sudo, in order to gain root...

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F’.‘” syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters, which is relevant in non-default configurations that enable Delivery Status Notification DSN. Certain uses of ORCPT= can cause a new line to be inserted into a spool header file, thereby indirectly allowing unauthenticated...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: preventing shift wrapping in rtw89coremlsrswitch The value of “linkid” comes from the user via debugfs. If it is larger than BITSPERLONG, it will result in shift wrapping, potentially leading to out-of-bounds...

Astra Linux – Vulnerability in Linux, Linux 5.10

The decodedata function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 contains a slab out-of-bounds write vulnerability. Input from a process that has the CAPNETADMIN capability can lead to root access...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

A issue was discovered in lib/kobject.c in the Linux kernel before version 6.2.3. With root access, an attacker can trigger a race condition that results in an out-of-bounds write of the fillkobjpath variable...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940-POC cPanel/WHM Authentication Bypass Proof of...

OESA-2026-2140 PackageKit security update

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API. Security Fixes: PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro,...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — "Copy Fail": Linux Kernel algifaead Local...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Copy Fail CVE-2026-31431 – Exploit Usage Guide ⚠️ Discla...