34 matches found
CVE-2026-1677
Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fixed the driver update version check. The security-version-number check should be used instead of the runtime version check for driver updates. Otherwise, the firmware update will fail when the update binary has...
EUVD-2026-21180
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
EUVD-2025-10503
Malicious code in bioql PyPI...
SUSE CVE-2025-39701
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
DEBIAN-CVE-2025-39701
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
AZL-66998 CVE-2025-39701 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
CVE-2025-39701
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
UBUNTU-CVE-2025-39701
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
CVE-2025-39701 ACPI: pfr_update: Fix the driver update version check
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
CVE-2025-39701
Technical details for CVE-2025-39701 are not provided in the supplied documents. Monitor official kernel advisories for affected versions, impact, and remediation, as available information in connected sources is not detailed for this CVE.
CVE-2025-39701 ACPI: pfr_update: Fix the driver update version check
In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...
Grafana 11.1.x < 11.6.0+security-01 Cross-site Scripting
According to its self-reported version, the Grafana install hosted on the remote host is 11.1.x earlier than 11.2.8+security-01, or 11.1.x earlier than 11.3.5+security-01, or 11.1.x earlier than 11.4.3+security-01, or 11.1.x earlier than 11.5.3+security-01, or 11.1.x earlier than...
CVE-2020-9320
Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security Gateway, Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and...
CVE-2020-14483
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110 and Niagara Enterprise Security Versions 2.4.31, 2.4.45, 4.8.0.35 to corre...
Improper Preservation of Permissions
Overview github.com/grafana/grafana/pkg/api/pluginproxy is an open-source platform for monitoring and observability. Affected versions of this package are vulnerable to Improper Preservation of Permissions in the proxy routing behavior, which allows certain users to bypass dashboard-specific...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...
CVE-2025-29989
Dell Client Platform BIOS contains a Security Version Number Mutable to Older Versions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to BIOS upgrade denial...