SUSE-SU-2026:20506-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...

SUSE-SU-2026:20507-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...

SUSE SLES12 Security Update : kernel (Live Patch 64 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:0518-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0518-1 advisory. This update for the SUSE Linux Enterprise kernel 4.12.14-122.244 fixes various security issues The following security issues were fixed: -...

Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.16 fixes various security issues The following security issues were fixed: CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnreques...

EUVD-2008-0224

Malware in sbrugna...

EUVD-2018-8076

Malware in sbrugna...

CVE-2022-47515

An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service daemon crash via a long message in a TCP request that leads to std::lengtherror...

CVE-2024-6918

CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP...

CVE-2024-53206

CVE-2024-53206: In the Linux kernel, a use-after-free of nreq in reqsk_timer_handler() was fixed by replacing inet_csk_reqsk_queue_drop_and_put() with __inet_csk_reqsk_queue_drop() and reqsk_put(), and by passing orec to reqsk_put() instead of the original req. The issue could occur when a reqsk ...

CVE-2024-53206

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Then, oreq should be passed to reqskput instead of req;...

Fedora 39 : krb5 (2024-862f5c4156)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-862f5c4156 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute Marvin attack: Removal of the RSA method fo...

Fedora 40 : krb5 (2024-29a74ac2b0)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-29a74ac2b0 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute Marvin attack: Removal of the RSA method fo...

Fedora: Security Advisory (FEDORA-2024-862f5c4156)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-29a74ac2b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : krb5 (2024-c0961d31b8)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c0961d31b8 advisory. Security: CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad support for Message-Authenticator attribute Marvin attack: Removal of the RSA method fo...

CVE-2022-47515

An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service daemon crash via a long message in a TCP request that leads to std::lengtherror...

Cross site request forgery (csrf)

An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service daemon crash via a long message in a TCP request that leads to std::lengtherror...

Improper access control

Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device...

CVE-2018-16224

Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device...

CVE-2018-16224

Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device...