CVE-2026-1544

CVE-2026-1544 affects D-Link DIR-823X (firmware 250416). The vulnerability is in the function sub_41E2A0 of /goform/set_mode, where manipulation of the lan_gateway argument enables remote command injection. Exploitation has been publicly released, and the issue affects devices no longer supported...

CVE-2026-1544 D-Link DIR-823X set_mode sub_41E2A0 os command injection

A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...

CVE-2025-38665

CVE-2025-38665 (Linux kernel CAN): A NULL pointer dereference in netlink can_changelink() when restarting a CAN device, due to missing can_priv::do_set_mode callback. Two code paths call this callback: manual restart via can_changelink() and delayed automatic restart after bus off. The fix preven...

DEBIAN-CVE-2013-2000

Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XDGAQueryModes and 2 XDGASetMode functions...