CVE-2018-25321

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

CVE-2018-25321

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

CVE-2018-25321

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

EUVD-2018-21842

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

CVE-2018-25321 TP-Link TL-WR720N CSRF via Administrative Interfaces (firmware V1_130719)

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

OESA-2026-2176 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access WPA, WPA2, or WPA3 or Wired Equivalent Privacy WEP, an adversary can exploit this vulnerability to injec...

CVE-2026-43052

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211tdlsoper When NL80211TDLSENABLELINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operation to proceed for non-TDL...

Beamforming Feedback As a Novel Attack Surface for Wi-Fi Physical-Layer Security

With the rapid evolution of wireless technologies, Wi-Fi has expanded beyond its original role in data transmission to support various emerging applications, particularly in physical-layer security, including device authentication, user authentication, and secret key generation. Despite extensive...

CVE-2026-4477

CVE-2026-4477 affects Yi Technology YI Home Camera 2, version 2.1.1_20171024151200. The vulnerability lies in an unknown function within the WPA/WPS component, enabling manipulation that can lead to use of a hard-coded cryptographic key. Exploitation is possible only on the local network and is c...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993132 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211getrateduration Fix possible out-of-bound acce...

kernel: wifi: mac80211: check S1G action frame size

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame...

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree...

Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

EUVD-2016-9349

Malware in sbrugna...

EUVD-2018-21175

Malware in sbrugna...

EUVD-2020-5020

Malware in sbrugna...

EUVD-2021-13071

Malware in sbrugna...

CVE-2023-53540

CVE-2023-53540 covers a Linux kernel wifi issue in cfg80211 where a station will reject auth/assoc to an AP if the AP uses the station’s own address as MLD address or BSSID. The advisory states this should be rejected to avoid a later failure, with impact described as a high availability risk but...

EUVD-2024-34483

Malicious code in bioql PyPI...