663 matches found
dsipts (>=1.1.5 <=1.1.19), kedro-aim (>=0.1.1 <=0.1.3) +7 more potentially affected by CVE-2025-51464 via aim (>=3.17.4 <=3.29.1)
aim PYPI version =3.17.4, =1.1.5, =0.1.1, =0.0.1, =0.0.1, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2025-51464 Source advisory: OSV:GHSA-GMVV-RJ92-9W35...
SUSE CVE-2025-25207
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2022-49956
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...
SUSE CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
UBUNTU-CVE-2022-49956
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...
CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
CVE-2022-49956
CVE-2022-49956 in the Linux kernel refers to a use-after-free bug in the rtl8712 staging driver. The issue arises because _Read/Write_MACREG callbacks are NULL, causing read/write_macreg_hdl() to only free the pcmd pointer. The fix removes these callbacks to prevent the use-after-free. The vulner...
Use After Free
Overview: Affected versions of this package are vulnerable to Use After Free via improper handling of callback references during the destruction of the Channel object. An attacker can cause a fatal interpreter crash by triggering DNS queries that result in the Channel object being garbage collecte...
Denial Of Service (DoS)
github.com/kuadrant/authorino is vulnerable to Denial of Service (DoS). The vulnerability is due to the lack of limits on post-authorization callbacks, allowing an attacker with developer persona access to overload the service...
CVE-2025-25207
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
dsipts (>=1.1.5 <=1.1.19), kedro-aim (>=0.1.1 <=0.1.3) +7 more potentially affected by CVE-2025-5321 via aim (>=3.17.4 <=3.29.1)
aim PYPI version =3.17.4, =1.1.5, =0.1.1, =0.0.1, =0.0.1, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2025-5321 Source advisory: OSV:GHSA-GP5H-F9C5-8355...
CVE-2023-34166
Vulnerability of system restart triggered by abnormal callbacks passed to APIs. Successful exploitation of this vulnerability may cause the system to restart...
CVE-2022-24858
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already...
CVE-2003-0573
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact...
DEBIAN-CVE-2025-37910
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call __handle_signal_outputs or __handle_signal_inputs while the irig and dcf pointers are uninitialized, leading to a...
SUSE CVE-2022-49920
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: netlink notifier might race to release objects commit release path is invoked via call_rcu and it runs lockless to release the objects after rcu grace period. The netlink notifier handler might win race to...
CVE-2025-37798
In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue()...
DEBIAN-CVE-2025-37798
In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue()...
CVE-2025-37798
CVE-2025-37798 affects the Linux kernel networking code. The fix removes the qlen check in fq_codel_dequeue() and codel_qdisc_dequeue() after making sch->qlen_notify() callbacks idempotent. The description indicates the vulnerability is related to backlog/queue length handling in qdisc code (code...