伊朗总统下令重新开放国际互联网接入
发布时间: 2026-0
Aggregator
CVE-2026-9543 | Totolink N300RH 6.1c.1353_B20190305 Web Management Interface /cgi-bin/cstecgi.cgi setPasswordCfg admpass os command injection
5 days 19 hours ago
A vulnerability labeled as critical has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection.
This vulnerability is documented as CVE-2026-9543. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2026-9496 | pacote up to 11.2.7 addGitSha redos (SNYK-JS-PACOTE-8225084 / EUVD-2026-31793)
5 days 19 hours ago
A vulnerability identified as problematic has been detected in pacote up to 11.2.7. This impacts the function addGitSha. This manipulation causes inefficient regular expression complexity.
This vulnerability is registered as CVE-2026-9496. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
Submit #815425: Shenzhen Sixun Software Co., Ltd. Sixun Shangqi 10 Business Management System Sixun Shangqi 10 SQL Injection [Accepted]
5 days 19 hours ago
Submit #815425 / VDB-365608
bigbrother_man
Submit #815070: sourcecodester Hospital's Patient Records Management System V1.0 SQL injection [Duplicate]
5 days 19 hours ago
Submit #815070 / VDB-201881
llfak
Submit #815069: sourcecodester Hospital's Patient Records Management System V1.0 SQL injection [Duplicate]
5 days 19 hours ago
Submit #815069 / VDB-201880
llfak
CVE-2026-3314 | Hitachi Ops Center Analyzer prior 11.0.8-00 missing password field masking (sec-2026-120 / EUVD-2026-31795)
5 days 19 hours ago
A vulnerability categorized as problematic has been discovered in Hitachi Ops Center Analyzer, Ops Center Analyzer viewpoint and Infrastructure Analytics Advisor. This affects an unknown function. The manipulation results in missing password field masking.
This vulnerability is cataloged as CVE-2026-3314. An attack on the physical device is feasible. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
Submit #815068: Totolink N300RHv4 V6.1c.1353_B20190305 OS Command Injection [Accepted]
5 days 19 hours ago
Submit #815068 / VDB-365607
a1ester
CVE-2026-9495 | koa router 14.x access control (SNYK-JS-KOAROUTER-12215044 / EUVD-2026-31792)
5 days 19 hours ago
A vulnerability was found in koa router 14.x. It has been rated as critical. The impacted element is an unknown function. The manipulation leads to improper access controls.
This vulnerability is listed as CVE-2026-9495. The attack may be initiated remotely. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
The Strategic Encroachment of Red Lamassu Across the Eurasian Telecommunications Landscape
5 days 19 hours ago
The state-sponsored Chinese threat collective known as Red Lamassu has spent years establishing persistent covert footprints within the core telecommunications architectures of Asia. Recent threat intelligence data has definitively correlated their operations with two...
The post The Strategic Encroachment of Red Lamassu Across the Eurasian Telecommunications Landscape appeared first on Information Security News.
ddos
CVE-2026-9256 | F5 NGINX Plus/NGINX Open Source prior 37.0.1.1/R32 P7/R36 P5 ngx_http_rewrite_module heap-based overflow (K000161377 / EUVD-2026-31444)
5 days 19 hours ago
A vulnerability marked as critical has been reported in F5 NGINX Plus and NGINX Open Source. Affected by this issue is some unknown functionality of the component ngx_http_rewrite_module. The manipulation leads to heap-based buffer overflow.
This vulnerability is documented as CVE-2026-9256. The attack can be initiated remotely. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-48832 | SPIP up to 4.4.14 ecrire action/cookie.php redirect (EUVD-2026-31601 / Nessus ID 316568)
5 days 19 hours ago
A vulnerability classified as problematic has been found in SPIP up to 4.4.14. Impacted is an unknown function of the file action/cookie.php of the component ecrire. Performing a manipulation results in open redirect.
This vulnerability is cataloged as CVE-2026-48832. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-39830 | x-crypto up to 0.51.x on Go SSH Peer Close deadlock (EUVD-2026-31397 / Nessus ID 316570)
5 days 19 hours ago
A vulnerability was found in x-crypto up to 0.51.x on Go. It has been classified as problematic. This affects the function Close of the component SSH Peer Handler. This manipulation causes deadlock.
This vulnerability is registered as CVE-2026-39830. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-39831 | x-crypto up to 0.51.x FIDO/U2F Verify authentication spoofing (EUVD-2026-31395 / Nessus ID 316571)
5 days 19 hours ago
A vulnerability, which was classified as critical, has been found in x-crypto up to 0.51.x. This impacts the function Verify of the component FIDO/U2F. Performing a manipulation results in authentication bypass by spoofing.
This vulnerability is identified as CVE-2026-39831. The attack may be carried out on the physical device. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
Сначала Dell, теперь HP. Корпорации внезапно выстроились в очередь финансировать открытый код
5 days 19 hours ago
То, что годами держалось на энтузиазме, получило серьёзную мотивацию.
2025 年中亚经历了创纪录的冰川损失
5 days 19 hours ago
中亚的冰川是生活在下游地区的数百万人的重要水源。一项新研究发现 2025 年中亚经历了创纪录的冰川损失。冰川加速消融可能会在短期内增加融水,但最终由于冰量的减少融水也会减少。研究人员利用对天山和帕米尔高原 16 座冰川的实地观测数据,结合模型,估算出中亚冰川在一年内损失了约 30 立方千米的冰,相当于该地区冰川总体积的近 2%。这一结果是异常温暖的春夏季气温以及降雪频率的大幅下降造成的。16 座冰川有 9 座经历了有史以来最严重的冰川质量损失,帕米尔高原西部和天山山脉西部的冰川消融最为严重,部分冰川在一年内损失了 2%-4% 的总冰量。64% 的冰川经历了自 1991 年以来最严重的冰川质量损失。研究人员警告由于全球暖化,这种情况可能成为常态。
Space Bears
5 days 19 hours ago
You must login to view this content
cohenido
Space Bears
5 days 19 hours ago
You must login to view this content
cohenido
CVE-2026-31624 | Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 HID Parser s32ton out-of-bounds (EUVD-2026-25517 / WID-SEC-2026-1279)
5 days 20 hours ago
A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been declared as critical. This affects the function s32ton of the component HID Parser. The manipulation results in out-of-bounds read.
This vulnerability is known as CVE-2026-31624. Access to the local network is required for this attack. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-31621 | Linux Kernel up to 6.19.13/7.0.0 auxiliary_device_uninit null pointer dereference (Nessus ID 310307 / WID-SEC-2026-1279)
5 days 20 hours ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.19.13/7.0.0. Affected is the function auxiliary_device_uninit. Executing a manipulation can lead to null pointer dereference.
This vulnerability is handled as CVE-2026-31621. The attack can only be done within the local network. There is not any exploit available.
The affected component should be upgraded.
vuldb.com