CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

EUVD-2026-34077

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

PT-2026-45922

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

Exploit for CVE-2026-0828

CVE-2026-0828 — Safetica ProcessMonitorDriver.sys BYOVD PoC S...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fixed a memory leak in terminateall. When terminating an ongoing transfer, the vdesc must be terminated as well. This ensures that the vdesc is present in the descterminated list. The descriptor will be freed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate the stack buffer Make sure to NULL terminate the buffer in iiobackend DebugfsWriteReg before passing it to sscan. It is a stack variable, so we should not assume that it will be initializ...

SAP Financial Consolidation 安全漏洞

SAP Financial Consolidation is a financial reporting solution developed by the German company SAP. This product is primarily used for automating intercompany reconciliations and eliminations, currency conversions, and generating financial reports. There is a security vulnerability in SAP Financia...

HPE Aruba Networking Wireless Operating System 资源管理错误漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. The HPE Aruba Networking Wireless Operating System has a resource management vulnerability. This vulnerability stems from insufficient input validation in the protocol...

EUVD-2026-29292

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing an audio stream in a maliciously crafted media file...

CVE-2026-28897

A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A local user may be able to cause unexpected system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'currenttx' not getting freed In terminateall we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'currenttx' descriptor...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leaks When hcicmdsyncqueue failed in hcileterminatebig or hcilebigterminate, the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path...

Improper Verification of Cryptographic Signature

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of SAML signatures in the authentication and logout...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: nghttp2 (UTSA-2026-014315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014315 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nghttp2 (UTSA-2026-014273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014273 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007047 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current...

CVE-2025-70795

STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...

CVE-2025-70795

STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...