24h | 7d | 30d

CVE-2025-69194

Overview

  • wget2
09 Jan 2026
Published
10 Jan 2026
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment.

Statistics

  • 1 Post
Last activity: 23 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
CRITICAL: CVE-2025-69194 patched in #Mageia 9's wget2. Arbitrary file write via Metalink path traversal. Patch via MGASA-2026-0002 immediately. Read more: πŸ‘‰ tinyurl.com/hvpw4468 #Security
  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-0836

Overview

  • UTT
  • 进取 520W
11 Jan 2026
Published
11 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
Last activity: 11 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-0836 - High (8.8)

A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the att...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 11h ago

CVE-2026-0837

Overview

  • UTT
  • 进取 520W
11 Jan 2026
Published
11 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 2 Posts
Last activity: 11 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-0837 - High (8.8)

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The explo...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 1
  • 11h ago

CVE-2026-0716

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
Last activity: Last hour

Fediverse

Profile picture
Mike Gorse @MikeGorse

I'm not exactly sure why I'm doing this on a Sunday, and the hard work was done by others, but there you go; proposed fix for CVE-2026-0716. gitlab.gnome.org/GNOME/libsoup

  • 0
  • 0
  • 0
  • Last hour

CVE-2025-22921

Overview

  • Pending
18 Feb 2025
Published
03 Nov 2025
Updated
CVSS
Pending
EPSS
0.18%
KEV

Description

FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.

Statistics

  • 1 Post
Last activity: 4 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
CRITICAL UPDATE: #Fedora 43 patches a high-sev DoS vuln in WasmEdge (CVE-2025-22921). This WebAssembly runtime flaw can crash apps. Essential for #edgecomputing & #serverless. Read more: πŸ‘‰ tinyurl.com/3b5uv4nw #Security
  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-22184

Overview

  • zlib software
  • zlib
07 Jan 2026
Published
07 Jan 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.08%
KEV

Description

zlib versions up to and including 1.3.1.2 contain a global buffer overflow in the untgz utility. The TGZfname() function copies an attacker-supplied archive name from argv[] into a fixed-size 1024-byte static global buffer using an unbounded strcpy() call without length validation. Supplying an archive name longer than 1024 bytes results in an out-of-bounds write that can lead to memory corruption, denial of service, and potentially code execution depending on compiler, build flags, architecture, and memory layout. The overflow occurs prior to any archive parsing or validation.

Statistics

  • 1 Post
Last activity: 2 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 CRITICAL: #Mageia 9 security update MGASA-2026-0006 patches a severe buffer overflow in zlib (CVE-2026-22184). Affects versions <=1.3.1.2. Remote code execution risk. Read more: πŸ‘‰ tinyurl.com/4k4b6nz2 #Security
  • 0
  • 0
  • 0
  • 2h ago

CVE-2024-34462

Overview

  • Pending
04 May 2024
Published
02 Aug 2024
Updated
CVSS
Pending
EPSS
0.09%
KEV

Description

Alinto SOGo through 5.10.0 allows XSS during attachment preview.

Statistics

  • 1 Post
Last activity: 20 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 #Debian 11 Bullseye Security Alert: CVE-2024-34462 & CVE-2025-63499. Critical XSS vulnerabilities patched in SOGo groupware. Read more: πŸ‘‰ tinyurl.com/2u5fdbww #Security
  • 0
  • 0
  • 0
  • 20h ago

CVE-2025-63499

Overview

  • Pending
04 Dec 2025
Published
05 Dec 2025
Updated
CVSS
Pending
EPSS
0.01%
KEV

Description

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.

Statistics

  • 1 Post
Last activity: 20 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 #Debian 11 Bullseye Security Alert: CVE-2024-34462 & CVE-2025-63499. Critical XSS vulnerabilities patched in SOGo groupware. Read more: πŸ‘‰ tinyurl.com/2u5fdbww #Security
  • 0
  • 0
  • 0
  • 20h ago
Showing 21 to 28 of 28 CVEs