Tagged: Cybersecurity Alert

ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even...

In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as “allow any” instead of being rejected. In...

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented...

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability More information : https://talosintelligence.com/vulnerability_reports/TALOS-2026-2371

libcasper(3) communicates with helper processes via UNIX domain sockets, and uses the select(2) system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select(2)’s...

Incorrect Behaviour of Views with TCP PROXY Requests More information : https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html

Insufficient Validation of Names During AXFR More information : https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html

Insufficient Validation of Autoprimary SOA Queries More information : https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html

Concurrency and locking defects in GSS-TSIG More information : https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html

Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail More information : https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-06.html

Honeywell Control Network Module (CNM) contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data. More information :...

A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions. More...

Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code Inclusion. This issue affects Web Fax: from 3.0 before 3.1. More information : https://www.gmission.co.kr/fax1

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer...