25 matches found
CVE-2026-31506 net: bcmasp: fix double free of WoL irq
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us...
EUVD-2024-51934
Malicious code in bioql PyPI...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net: ravb: Fixed the missing rtnl lock in the suspend/resume path The suspend/resume path was fixed by ensuring that the rtnl lock is held where it is required. Calls to ravbopen, ravbclose, and wol operations must be performe...
DEBIAN-CVE-2025-21801
In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...
UBUNTU-CVE-2025-21801
In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...
CVE-2024-53281
Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in Network WOL functionality in Synology Router Manager SRM before 1.3.1-9346-10 allows remote authenticated users to read or write specific files containing non-sensitive information and conduct...
PT-2024-9668 · Synology · Synology Router Manager
Name of the Vulnerable Software and Affected Versions: Synology Router Manager versions prior to 1.3.1-9346-10 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS, in the Network WOL functionality. This could all...
Command injection
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...
CVE-2023-43893
CVE-2023-43893 concerns Netis N3Mv2-V1.0.1.865, where the Wake-On-LAN (WoL) function’s wakeup_mac parameter is vulnerable to command injection via a crafted payload. The issue is described across multiple sources (NVD, Red Hat, CVE List, CNNVD, etc.) as a router/network device vulnerability with ...
CVE-2023-43893
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...
SUSE CVE-2014-9900
The ethtoolgetwol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android...
Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs
The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol ARP pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim...
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results
If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmfwowlndresults function. This vulnerability can be exploited by compromised...
wol-edu.ch Cross Site Scripting vulnerability
Security Researcher metamorfosec Helped patch 1948 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting wol-edu.ch website and its users. Following coordinat...
EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1485)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's Crypto subsystem handled automatic loading of kernel modules. A local user could u...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the ethtoolgetwol function in the net/core/ethtool.c file of Linux kernels up to version 4.7 in the Android operating system is related to the absence of initialization of the data structure. Exploiting this vulnerability could allow a remote attacker to obtain confidential...
Android on Nexus Information Disclosure Vulnerability (CNVD-2016-06239)
Android on Nexus 5 and 7 is an open source operating system for the Nexus 5 and 7 smartphones based on Linux, developed by Google and the Open Handset Alliance OHA.The Linux kernel is the kernel used by Linux, the operating system released by the Linux Foundation in the United States. Linux kerne...
DEBIAN-CVE-2014-9900
The ethtoolgetwol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android...
RedHat Update for kernel RHSA-2013:1790-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 4 : kernel (RHSA-2010:0342)
Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which...