A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function sk_user_data of the file net/l2tp/l2tp_core.c of the component L2TP Handler. The manipulation leads to null pointer dereference.
This vulnerability is traded as CVE-2022-4129. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.18.5. This issue affects some unknown processing of the file net/ipv6/ip6_output.c. The manipulation leads to integer overflow.
The identification of this vulnerability is CVE-2022-49728. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in runc up to 1.1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect default permissions.
This vulnerability is known as CVE-2022-29162. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as critical has been found in Linux Kernel up to 5.18.12. Affected is the function vlan_newlink in the library include/linux/slab.h. The manipulation leads to memory leak.
This vulnerability is traded as CVE-2022-49636. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Docker Engine up to 19.03.10 and classified as critical. This issue affects some unknown processing of the component IPv6 Handler. The manipulation leads to improper input validation.
The identification of this vulnerability is CVE-2020-13401. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in Document Foundation LibreOffice up to 7.6.6/24.2.2. It has been rated as critical. Affected by this issue is some unknown functionality of the component Graphic On-click Binding. The manipulation leads to code injection.
This vulnerability is handled as CVE-2024-3044. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
Vulnerabilities in Apple’s AirPlay protocol and SDK exposed Apple and third-party devices to attacks, including remote code execution. Oligo Security found serious flaws, collectively tracked as AirBorne, in Apple’s AirPlay protocol and SDK, affecting Apple and third-party devices. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and […]
A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls.
This vulnerability was named CVE-2025-4119. The attack can be initiated remotely. Furthermore, there is an exploit available.
A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls.
This vulnerability is uniquely identified as CVE-2025-4118. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection.
This vulnerability is handled as CVE-2025-4122. The attack may be launched remotely. There is no exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.