60 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-39928
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't...
CVE-2025-39928
creationtimestamp | type | source
---|---|---
2025-10-01 23:10:58+00:00 | seen | https://bsky.app/profile/omo.bsky.social/post/3m265xk455c2z...
DEBIAN-CVE-2025-39928
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...
CVE-2025-39928
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...
CVE-2025-39928
CVE-2025-39928 affects the Linux kernel RTL9300 I2C driver. The vulnerability arises from not validating the transfer length in rtl9300_i2c_config_xfer, allowing a data length of 0 to underflow and be treated as 16 due to (len - 1) & 0xf, which can trigger a 16-byte write and potentially soft-bri...
CVE-2025-39928
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...
MAL-2025-39928 Malicious code in xray-banana-sirr (npm)
The package xray-banana-sirr was found to contain malicious code...
TencentOS Server 3: webkit2gtk3 (TSSA-2024:0205)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0205 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2024-39928
In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928 Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue...
CVE-2024-39928
Summary of CVE-2024-39928 (Apache Linkis Spark EngineConn) Affected software: Apache Linkis Spark EngineConn in versions up to 1.5.0 (engine component referenced as EngineConn/Spark EngineConn). Vulnerability: Random string generation for Py4j token uses Commons Lang’s RandomStringUtils, enabling...
RLSA-2024:2982 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...
Rocky Linux 8 : webkit2gtk3 (RLSA-2024:2982)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2982 advisory. webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
openSUSE: Security Advisory for webkit2gtk3 (SUSE-SU-2023:4294-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:0002-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2024:0004-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2023:4339-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4339-1 advisory. - The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16....
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2023:4294-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4294-1 advisory. - The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2023:4209-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4209-1 advisory. - The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS...