qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

Important: Red Hat Security Advisory: ovn25.03 security update

An update for ovn25.03 is now available for Fast Datapath for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

Important: Red Hat Security Advisory: ovn25.09 security update

An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

CVE-2026-44988

CVE-2026-44988 concerns LibVNCClient (0.9.15 and earlier) where the Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter and does not reject Wide Tight rectangles. A malicious VNC server can send a FramebufferUpdate rectangle encoded with Tight (NoZlib | Expli...

CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

CVE-2026-7251 Eppendorf BioFlo 320 Use of hard-coded password

Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have ful...

EUVD-2026-31912

Eppendorf BioFlo 320 is vulnerable to due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have...

CVE-2026-7251

Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full control of the user interface by using this password. Once connected, the attacker would have ful...

PT-2026-43357

Name of the Vulnerable Software and Affected Versions Eppendorf BioFlo 320 affected versions not specified Description The VNC server uses a hard-coded password. A remote attacker who knows the network address of a device with remote access enabled can use this password to gain full control of th...

Eppendorf BioFlo 320 安全漏洞

The Eppendorf BioFlo 320 is a laboratory bioreactor control system developed by the German company Eppendorf. The Eppendorf BioFlo 320 has a security vulnerability, which stems from the VNC server using hard-coded passwords. This vulnerability could allow remote attackers to gain complete control...

CVE-2026-40411

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network...

CVE-2026-40411 Azure Virtual Network Gateway Remote Code Execution Vulnerability

...

CVE-2026-40411 Azure Virtual Network Gateway Remote Code Execution Vulnerability

...

EUVD-2026-31510

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network...

CVE-2026-40411

Azure Virtual Network Gateway is affected by a Remote Code Execution vulnerability (CVE-2026-40411) due to improper input validation. An attacker with network access and low privileges can trigger code execution on the gateway, given an authentication context that is considered authorized. The CV...

PT-2026-42843

Name of the Vulnerable Software and Affected Versions Azure Virtual Network Gateway affected versions not specified Description Improper input validation allows an authorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newer version that...

Microsoft Azure Virtual Network Gateway 输入验证错误漏洞

Microsoft Azure Virtual Network Gateway is a cloud gateway service provided by Microsoft that supports VPN and cross-network connectivity. There is an input validation vulnerability in Microsoft Azure Virtual Network Gateway, which stems from improper input validation. This vulnerability may allo...