DEBIAN-CVE-2022-50645

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pcigetdevwrapper As the comment of pcigetdomainbusandslot says, it returns a PCI device with refcount incremented, so it doesn't need to call an extra pcidevget in pcigetdevwrapper, and the PCI...

SUSE CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

CVE-2023-53779

...

CVE-2023-53779 mfd: dln2: Fix memory leak in dln2_probe()

In the Linux kernel, the following vulnerability has been resolved: mfd: dln2: Fix memory leak in dln2probe When dln2setuprxurbs in dln2probe fails, error outfree forgets to call usbputdev to decrease the refcount of dln2-usbdev. Fix this by adding usbputdev in the error handling code of dln2prob...

UBUNTU-CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

CVE-2023-53746 s390/vfio-ap: fix memory leak in vfio_ap device driver

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

VulnCheck KEV: CVE-2025-58443

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is...

Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence AI-powered Integrated Development Environments IDEs that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution. The security shortcomings have been...

CVE-2025-67779

creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-12 00:04:32+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qs2rtey22l 2025-12-12 02:04:06+00:00| seen|...

CVE-2025-55184

creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-11 20:51:04+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qhaqdxuc2v 2025-12-11 20:51:04+00:00| seen|...

CVE-2025-55183

creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-11 20:51:04+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qhaqdtxc2v 2025-12-11 20:51:05+00:00| seen|...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.1 Release.

Red Hat OpenShift Dev Spaces 3.23.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

CVE-2025-66454 Arcade MCP Default Hardcoded Worker Secret Allows Full Unauthorized Access to All HTTP MCP Worker Endpoints

Arcade MCP allows you to to create, deploy, and share MCP Servers. Prior to 1.5.4, the arcade-mcp HTTP server uses a hardcoded default worker secret "dev" that is never validated or overridden during normal server startup. As a result, any unauthenticated attacker who knows this default key can...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.22.1 Release.

Red Hat OpenShift Dev Spaces 3.22.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

CVE-2025-12548

No description is available for this CVE. Mitigation Apply the security best practices from the Red Hat OpenShift Dev Spaces Administration Guide: https://docs.redhat.com/en/documentation/redhatopenshiftdevspaces/3.24/html/administrationguide/security-best-practices...

EUVD-2025-200178

Malicious code in @wxi-dev/serverless-tsc-config npm...

Red Hat OpenShift Dev Spaces 安全漏洞

Red Hat OpenShift Dev Spaces is a cloud-based development environment from Red Hat USA. A security vulnerability exists in Red Hat OpenShift Dev Spaces that stems from improper permissions in the /etc/passwd file, which could result in elevated privileges within the container...

Malicious code in solana-dev-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c145bf7c5a5338ce094da7306d81c107eb218975e136423df4b1e3f71207b755 The package solana-dev-mcp was found to contain malicious code...

MAL-2025-191527 Malicious code in solana-dev-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c145bf7c5a5338ce094da7306d81c107eb218975e136423df4b1e3f71207b755 The package solana-dev-mcp was found to contain malicious code...