35 matches found
CVE-2026-43359
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow. If the set received ioctl fails due to an item overflow when attempting to add the BTRFS_UUID_KEY_RECEIVED_SUBVOL we have to abort the transaction since we did...
Astra Linux - vulnerability in net-snmp
Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use an improperly formatted OID in a SET request to the nsVacmAccessTable, causing a NULL pointer dereference. Version 5.9.2 includes a patch to addre...
CVE-2026-31679
In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/set_masked payload length. validate_set accepted OVS_KEY_ATTR_MPLS as variable-sized payload for SET/SET_MASKED actions. In action handling, OVS expects fixed-size MPLS key data struct ovs_key_mpls. Use the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992315)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992315 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io. In the function s3fb_set_par, the valu...
Command Injection Vulnerability in TOTOLINK N200RE setOpModeCfg
The TOTOLINK N200RE is a wireless broadband router for small office or home (SOHO) environments. The TOTOLINK N200RE suffers from a command injection vulnerability in the handling of hostName in setOpModeCfg. No details of the vulnerability are provided at this time...
CVE-2025-55893
TOTOLINK N200RE V9.3.5u.6437_B20230519 is vulnerable to command injection in setOpModeCfg via hostName...
CVE-2025-55893
The CVE-2025-55893 entry targets TOTOLINK N200RE with a command-injection flaw in setOpModeCfg exposed via the hostName parameter. Affected firmware: N200RE 9.3.5u.6437_B20230519. Root cause is command injection in hostName handling; impact is potential unauthorized control of the device. Exploit...
CVE-2025-12258
A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...
CVE-2025-12258 TOTOLINK A3300R POST Parameter cstecgi.cg setOpModeCfg stack-based overflow
A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...
EUVD-2021-1228
Malware in sbrugna...
PT-2025-37631
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a use-after-free issue within the block, bfq subsystem, specifically related to bfqq in the bfq_exit_icq_bfqq function. The commit 64dc8c732f5c addresses this b...
SUSE CVE-2025-37846
In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation. The source register is not used for SET and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET...
CVE-2025-37846
In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation. The source register is not used for SET and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET...
CVE-2025-37846
In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation. The source register is not used for SET and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET...
CVE-2025-37846
CVE-2025-37846 (Linux kernel, arm64) is a vulnerability in the mops path that incorrectly dereferenced the source register during a SET* sequence. The root cause is that the source register (not used for SET* operations) could be read, leading to a UBSAN out-of-bounds array access when the MOPS e...
PT-2025-20497
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2de451a329cf662b. Description: A vulnerability in the Linux kernel has been resolved, specifically related to the arm64 architecture. The issue involves the source register not being used for SET operations, and...
Synology Surveillance Station security vulnerability
Synology Surveillance Station is an application from Synology Inc. of China. It provides intelligent monitoring and video management tools to protect your valuable assets. A security vulnerability exists in Synology Surveillance Station versions prior to 9.2.0-11289 and 9.2.0-9289. By exploiting...
ALPINE-CVE-2022-24810
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
DEBIAN-CVE-2022-24810
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2023-52030
TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function...