19175 matches found

Positive Technologies
added 2025/10/23 12:00 a.m., 6 views

PT-2025-43570

Name of the Vulnerable Software and Affected Versions: Productivity Suite version v4.4.1.19. Description: A flaw exists due to a binding to an unrestricted IP address in the ProductivityService PLC simulator. This allows an unauthenticated remote attacker to interact with the simulator. Successful...

CVSS 10, AI score 6.6, EPSS 0.00605
Exploits: 0, References: 12
Tenable Nessus
added 2025/10/23 12:00 a.m., 6 views

Aviatrix Controllers < 7.1.4191 / 7.2 < 7.2.4996 RCE

The version of Aviatrix Controller installed on the remote host is prior to 7.1.4191 for 7.1.x or prior to 7.2.4996 for 7.2.x. It is, therefore, affected by an OS command injection vulnerability caused by improper neutralization of special elements in API input. An unauthenticated attacker can se...

CVSS 10, AI score 9.6, EPSS 0.98545
Exploits: 5, References: 2
Positive Technologies
added 2025/10/23 12:00 a.m., 11 views

PT-2025-51649

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A flaw exists in the Linux kernel’s UFS (Universal Flash Storage) subsystem, specifically within the ufs-qcom component, related to power-down sequences. During UFS device power down,...

CVSS 9.8, AI score 6.1, EPSS 0.00378
Exploits: 0, References: 221
EUVD
added 2025/10/22 8:58 p.m., 5 views

EUVD-2025-35633

BookLore is a self-hosted web app for organizing and managing personal book collections. In versions 1.8.1 and prior, an authentication bypass vulnerability in the BookMediaController allows any unauthenticated user to access and download book covers, thumbnails, and complete PDF/CBX page content...

CVSS 8.7, AI score 6.6, EPSS 0.00528
Exploits: 0, References: 2
RedHat Linux
added 2025/10/22 4:41 p.m., 39 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.5. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

CVSS 9.8, AI score 7.1, EPSS 0.0085
Exploits: 0, References: 5
EUVD
added 2025/10/22 3:31 p.m., 3 views

EUVD-2023-60010

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process. When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...

AI score 4.9, EPSS 0.00183
Exploits: 0, References: 6
NVD
added 2025/10/22 2:15 p.m., 6 views

CVE-2023-53714

In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check. In ltdc_crtc_set_crc_source, struct drm_crtc was dereferenced in a container_of before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:11...

EPSS 0.00189
Exploits: 0, References: 3
OSV
added 2025/10/22 2:15 p.m., 3 views

DEBIAN-CVE-2023-53714

In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check. In ltdc_crtc_set_crc_source, struct drm_crtc was dereferenced in a container_of before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:11...

AI score 5.2, EPSS 0.00189
Exploits: 0, References: 1
Positive Technologies
added 2025/10/22 12:00 a.m., 5 views

PT-2025-43115

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw within the DRM/STM subsystem, specifically in the ltdc driver. A late dereference check in the ltdc crtc set crc source function could lead to a kernel...

AI score 5.9, EPSS 0.00189
Exploits: 0
OSV
added 2025/10/21 9:35 p.m., 5 views

CLSA-2025-1761082525 Fix CVE(s): CVE-2022-45141

SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141...

CVSS 9.8, AI score 5.8, EPSS 0.00454
Exploits: 0, References: 1
Snyk
added 2025/10/21 8:26 p.m., 1 view

Use of Hard-coded Cryptographic Key

Overview: Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation: Upgrade github.com/neuvector/neuvector/controller/kv to versi...

CVSS 7.1, AI score 6.9, EPSS 0.00242
Exploits: 0, References: 2
Snyk
added 2025/10/21 8:26 p.m., 3 views

Use of Hard-coded Cryptographic Key

Overview: Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation: Upgrade github.com/neuvector/neuvector/controller/rest to...

CVSS 7.1, AI score 6.9, EPSS 0.00242
Exploits: 0, References: 2
Snyk
added 2025/10/21 8:26 p.m., 1 view

Use of Hard-coded Cryptographic Key

Overview: Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation: Upgrade github.com/neuvector/neuvector/controller/common to...

CVSS 7.1, AI score 6.9, EPSS 0.00242
Exploits: 0, References: 2
Tenable Nessus
added 2025/10/21 12:00 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987703)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987703 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors. Make sure to release the lane reset...

CVSS 5.5, AI score 5.9, EPSS 0.00247
Exploits: 0, References: 4
Tenable Nessus
added 2025/10/21 12:00 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987522 advisory. In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv. When receiving a CAN frame the...

CVSS 4.7, AI score 6, EPSS 0.00199
Exploits: 0, References: 4
RedhatCVE
added 2025/10/20 5:26 p.m., 7 views

CVE-2025-40001

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue. During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work in mvs_free to cancel the delayed work item mwq->work_q. However, if mwq->work_q is...

CVSS 4.4, AI score 5.6, EPSS 0.00236
Exploits: 0, References: 4
CNNVD
added 2025/10/20 12:00 a.m., 4 views

ABB ALS-mini-s4 IP and ABB ALS-mini-s8 IP access control error vulnerability

The ABB ALS-mini-s4 IP and ABB ALS-mini-s8 IP are both intelligent load management controllers from ABB Switzerland. An access control error vulnerability exists in the ABB ALS-mini-s4 IP and ABB ALS-mini-s8 IP that stems from a lack of authentication for critical functions...

CVSS 10, AI score 7, EPSS 0.00754
Exploits: 0, References: 1
GithubExploit
added 2025/10/18 3:33 p.m., 204 views

Exploit for CVE-2020-1472

Domain-Controller-DC-Exploitation-with-Metasploit-Impacket End...

CVSS 10, AI score 7.4, EPSS 0.99512
Exploits: 75
OSV
added 2025/10/18 8:15 a.m., 4 views

AZL-68585 CVE-2025-40001 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue. During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work in mvs_free to cancel the delayed work item mwq->work_q. However, if mwq->work_q is...

AI score 5.6, EPSS 0.00236
Exploits: 0, References: 1
OSV
added 2025/10/18 8:15 a.m., 1 view

DEBIAN-CVE-2025-40001

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue. During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work in mvs_free to cancel the delayed work item mwq->work_q. However, if mwq->work_q is...

AI score 5.4, EPSS 0.00236
Exploits: 0, References: 1