CVE-2026-46543 nimiq-blockchain: Genesis batch set request

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates...

EUVD-2024-55612

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27892

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27890

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27892

Arista CVE-2024-27892 affects Arista EOS platforms running OpenConfig, where a gNMI Set request can be allowed when it should be rejected, enabling unexpected configuration changes. Impact is elevated integrity/availability risk under network attack vectors; OpenConfig must be enabled with SSL pr...

CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that when configuring OpenConfig, a gNMI Set request that should be rejected may still be...

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable” to cause a NULL pointer dereference. Version 5.9.2 includes a patch to addres...

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable could lead to an out-of-bounds memory access. A user with read-write credentials could exploit this issue. Versio...

EUVD-2026-20841

A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impacts the function server.setRequestHandler of the file index.ts. Such manipulation of the argument Identifier leads to command injection. The attack must be carried out locally. The exploit has been...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview mcp-server-taskwarrior is a MCP server for taskwarrior Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the server.setRequestHandler function. An attacker can execute arbitrary command...

MiracleLinux 9 : net-snmp-5.9.1-13.el9_4.3 (AXSA:2024-8863:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8863:05 advisory. net-snmp: A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. CVE-2022-24805 : net-snmp:...

SUSE CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

EUVD-2025-205071

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

Ruijie X30 PRO 安全漏洞

Ruijie X30 PRO is a home wireless router from Ruijie China. A security vulnerability exists in the Ruijie X30 PRO X30-PRO-V109241521 version, which stems from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to the...

DEBIAN-CVE-2025-40182

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

CVE-2025-40182 crypto: skcipher - Fix reqsize handling

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

MikroTik RouterOS Improper Input Validation (CVE-2008-6976)

MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify Network Management System NMS settings via a crafted SNMP set request. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...