CVE-2026-4205 D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-31883

FreeRDP (prior to 3.24.0) contains a heap-buffer-overflow in the RDPSND audio channel caused by a size_t underflow in the IMA-ADPCM and MS-ADPCM decoders (libfreerdp/codec/dsp.c). When nBlockAlign makes size % block_size == 0, subtraction of header sizes can underflow a size_t, wrapping to ~SIZE_...

UBUNTU-CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2025-41694

A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver...

CVE-2025-41694 Authenticated Denial-of-Service via Webshell

A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver...

PT-2025-49813

A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver...

LSN-0115-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mienumattrCVE-2024-27407. In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was...

EUVD-2018-0302

Malware in sbrugna...

EUVD-2018-19986

Malware in sbrugna...

EUVD-2023-2890

Malicious code in bioql PyPI...

PT-2025-33: Security restriction bypass in macOS Shortcuts

The vulnerability was identified in macOS Shortcuts, versions to macOS Sequoia 15.5. The discovered vulnerability allows an attacker to bypass security restrictions and execute arbitrary code delivered via an FTP or SMB server. Vulnerability status: Confirmed by vendor Date of vulnerability...

Mullvad VPN 安全漏洞

Mullvad is a commercial VPN service from Mullvad Inc. A security vulnerability exists in Mullvad VPN version 2024.1 and prior versions, which stems from a security flaw that can set DNS servers to a blocking state, resulting in a security vulnerability...

Libnbd: crash or misbehaviour when nbd server returns an unexpected block size

...

CVE-2017-16030

Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier...

CVE-2017-16030

CVE-2017-16030 affects the Node.js module responsible for parsing User-Agent strings (library in the useragent package). The vulnerability stems from the use of multiple regular expressions to parse headers, allowing an attacker to craft an arbitrarily long User-Agent header that can block the ev...

Information disclosure

The Microsoft Server Block Message SMB on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it...

Denial of service

The Microsoft Server Block Message SMB on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends...

CVE-2017-11815

The Microsoft Server Block Message SMB on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it...

KLA11111 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...