13608 matches found
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15
A use-after-free vulnerability exists in the Linux kernel’s net/sched: cls_u32 component, which can be exploited to gain local privilege escalation. If the tcf_change_indev function fails, u32_set_parms will immediately return an error after incrementing or decrementing the reference counter in...
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write occurs due to the lack of skb->cb initialization in the ipvlan network driver. This vulnerability is exploitable if CONFIG_IPVLAN is...
Astra Linux - vulnerability in tiff
LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 3701 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious tiff file. For users who compile LibTIFF from source code, the fix is available in the comm...
Astra Linux - vulnerability in tiff
LibTIFF 4.4.0 contains an out-of-bounds read in tiffcrop at line 3400 of tools/tiffcrop.c, allowing attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile LibTIFF from source code, the fix is available in the commit afaabc3e...
Astra Linux - vulnerability in tiff
LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in the writeSingleSection function located at line 7345 in the tools/tiffcrop.c file. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIFF file. For users who compile LibTIFF from source code, t...
Astra Linux - vulnerability in tiff
LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in _TIFFmemcpy in libtiff/tif_unix.c:346, when called from extractImageSection, located at tools/tiffcrop.c:6826. This vulnerability allows attackers to cause a denial-of-service attack through a crafted TIFF file. For users who compile...
Astra Linux - vulnerability in linux-5.10, linux
Dm-verity is used to extend the root-of-trust to root file systems. LoadPin builds upon this feature to restrict module/firmware loads to only the trusted root file system. Currently, device-mapper table reloads allow users with root privileges to replace the target with an equivalent dm-linear...
Astra Linux - vulnerability in tiff
In libtiff version 4.3.0, the unchecked dereference of a return value can allow attackers to trigger a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, this issue has been fixed in the commit f2b656e2...
Astra Linux - vulnerability in linux-5.10
io_uring uses work_flags to determine which identities need to be retrieved from the calling process, ensuring that they are consistent with the calling process when executing IORING_OP. Some operations lack certain types, which can lead to incorrect reference counts, potentially causing a...
PT-2026-42373
ydb-go-sdk's transactions are not committed using the options.WithCommit option on last call table.Transaction.Execute in transaction in github.com/ydb-platform/ydb-go-sdk...
CVE-2026-47092
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating the COMSPEC environment variable. Attackers can set COMSPEC to an arbitrary binary path before claude-hud performs its version...
gohttp is vulnerable to directory traversal via a crafted request
An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request...
GHSA-RG3P-P27C-2F39 gohttp is vulnerable to directory traversal via a crafted request
An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request...
kernel: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun. When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the same as the commit buffer...
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console version 18.95.0, a popular user interface and plugin for code editors like VS Code,...
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. "Every existing tag in the repository has...
EUVD-2026-30836
NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9...
CVE-2025-70950
Technical details about CVE-2025-70950 are not publicly available in the provided documents; no explicit affected products, versions, exploitation details, or remediation are stated. Monitor for updates from official sources.
EUVD-2025-209898
An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request...
CVE-2025-70950
An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request...