12423 matches found
CVE-2025-14213 Cato's Socket WebUI is vulnerable to OS Command Injection
Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface UI to execute arbitrary operating system commands as the root user on the Socket’s internal system...
CVE-2025-14213
Cato Networks Socket WebUI (versions prior to 25) is affected by an OS command injection vulnerability. An authenticated attacker with access to the Socket web interface can run arbitrary OS commands as root on the Socket’s internal system. The issue is network-exposed with low attack complexity,...
CVE-2025-14213 Cato's Socket WebUI is vulnerable to OS Command Injection
Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface UI to execute arbitrary operating system commands as the root user on the Socket’s internal system...
CVE-2025-14213
Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface UI to execute arbitrary operating system commands as the root user on the Socket’s internal system...
Cato Networks Socket 安全漏洞
Cato Networks Socket is an edge access device from the Israeli company Cato Networks, designed to provide secure network connections and traffic optimization capabilities. Previous versions of Cato Networks Socket 25 contained security vulnerabilities; these vulnerabilities stemmed from command...
PT-2026-29240
Cato Networks’ Socket versions prior to 25 contain a command injection vulnerability that allows an authenticated attacker with access to the Socket web interface UI to execute arbitrary operating system commands as the root user on the Socket’s internal system...
CVE-2026-21711
A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...
UBUNTU-CVE-2026-21711
A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...
CVE-2026-25627 nanomq: OOB Read / Crash (DoS) via Malformed MQTT Remaining Length over WebSocket
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...
CVE-2026-21711
A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...
CVE-2026-21711
A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...
GHSA-2MG4-PFGX-64CF AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
Summary The verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows captured or legitimately obtained tokens to provide permanent WebSocket...
kernel: can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
ALSA-2026:6037 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink CVE-2026-23209 kernel: net/sched: clsu32: use...
PT-2026-29116
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...
GHSA-C447-W54G-F55J Duplicate Advisory: OpenClaw Telegram webhook request bodies were read before secret validation, enabling unauthenticated resource exhaustion
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jq3f-vjww-8rq7. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
CVE-2026-23744 - Kobold Exploit Full chain exploit for the Ko...
CVE-2026-34247
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/Live/uploadPoster.php endpoint allows any authenticated user to overwrite the poster image for any scheduled live stream by supplying an arbitrary livescheduleid. The endpoint only checks User::isLogged...
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...