Astra Linux - уязвимость в wpa

Implementations of SAE in hostapd before version 2.10, and wpasupplicant before version 2.10, are vulnerable to side-channel attacks due to cache access patterns. NOTE: This issue exists due to an incomplete fix for CVE-2019-9494...

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

PT-2026-36508

Name of the Vulnerable Software and Affected Versions Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe Description An integer underflow exists in the SAE J1939 Read Transport Protocol Data Transfer function. This allows attackers to write to arbitrary memory by usi...

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

CVE-2020-10634

SAE IT-systems FW-50 Remote Telemetry Unit RTU. A specially crafted request could allow an attacker to view the file structure of the affected device and access files that should be inaccessible...

EUVD-2019-18868

Malware in sbrugna...

EUVD-2021-24388

Malware in sbrugna...

EUVD-2019-18870

Malware in sbrugna...

EUVD-2021-27472

Malicious code in bioql PyPI...

EUVD-2022-28388

Malicious code in bioql PyPI...

EUVD-2024-29350

Malicious code in bioql PyPI...

PT-2025-5982 · Unknown · Siberiancms

Name of the Vulnerable Software and Affected Versions: SiberianCMS version 4.20.6 Description: A problem was found in SiberianCMS, affecting some unknown functionality of the file /app/sae/design/desktop/flat of the component HTTP GET Request Handler. This leads to cross-site scripting. The attac...

MAL-2024-9180 Malicious code in sae-viewer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e232994dc60ca74f8ed71a17ce07b638d01a617b5ff03cdfed8b57b3c4e8ad8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sae-viewer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e232994dc60ca74f8ed71a17ce07b638d01a617b5ff03cdfed8b57b3c4e8ad8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Updated hostapd & wpa_supplicant packages fix security vulnerability

The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...