Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991172 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix possible name leak in tcmloopsetuphbabus If deviceregister fails in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991175 advisory. In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

CVE-2025-40820

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...

Malicious code in ctosec-appsec-wb-xray-adapters (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71bd5cbfd64c9f4eec926fb0345f7a31ed5a012dfcf6182a0a550c2d3ad93240 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-192431 Malicious code in ctosec-appsec-wb-xray-adapters (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71bd5cbfd64c9f4eec926fb0345f7a31ed5a012dfcf6182a0a550c2d3ad93240 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2025-13428

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

CVE-2023-53789

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer...

SUSE CVE-2022-50632

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvellcn10k: Fix hotplug callback leak in tadpmuinit tadpmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

CVE-2025-65293

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.90027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset...

PT-2025-50542

Name of the Vulnerable Software and Affected Versions Aqara Camera Hub G3 version 4.1.9 0027 Description The Aqara Camera Hub G3 contains command injection flaws. Successful exploitation allows attackers to execute arbitrary commands with root privileges. This is achieved by providing malicious Q...

CVE-2025-65293

CVE-2025-65293 refers to a command-injection vulnerability in Aqara Camera Hub G3. Affected software is Aqara Camera Hub G3 version 4.1.9_0027. The underlying issue allows an attacker to execute arbitrary root-level commands via malicious QR codes used during device setup and factory reset. Evide...

Linux Distros Unpatched Vulnerability : CVE-2022-50639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node...

EUVD-2023-60181

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

CVE-2023-53771 MiniDVBLinux 5.4 Unauthenticated Root Password Change via System Setup

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...