kernel: mm: slub: avoid wake up kswapd in set_track_prepare

A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...

Check Point Identity Agent 安全漏洞

Check Point Identity Agent is an application from Check Point Israel. It is used to obtain and report identities to the Check Point Identity Awareness Security Gateway. A security vulnerability exists in Check Point Identity Agent that originates from printing sensitive information in plaintext i...

CVE-2025-68336

In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in dorawwritelock KCSAN reports: BUG: KCSAN: data-race in dorawwritelock / dorawwritelock write marked to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1: dorawwritelock+0x120/0x204...

PT-2025-52654

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the drm/xe/guc subsystem related to stack depot usage. Specifically, a missing stack depot init call when CONFIG DRM XE DEBUG GUC is enabled can...

Oracle Linux 9 : python3.9 (ELSA-2025-23342)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23342 advisory. 3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-...

CLSA-2025-1766051004 Fix CVE(s): CVE-2025-8225

SECURITY UPDATE: debuginformation memory leak in processdebuginfo - debian/patches/CVE-2025-8225.patch: prevent memory leak by checking allocnumdebuginfoentries instead of numdebuginfoentries to determine whether debuginformation has been allocated - CVE-2025-8225...

python3.9 security update

3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-1 - Update to Python 3.9.24...

EulerOS Virtualization 2.13.1 : binutils (EulerOS-SA-2025-2534)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...

CVE-2025-14817

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

CVE-2025-14817 Factory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADB

The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction...

TECNO Pova6 Pro 5G 安全漏洞

TECNO Pova6 Pro 5G is a smartphone from TECNO, a Chinese company. A security vulnerability exists in TECNO Pova6 Pro 5G, which stems from a lack of privilege control in the com.transsion.tranfacmode.entrance.main.MainActivity component, which could result in a third-party application directly...

CVE-2025-36753

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

EUVD-2025-203255

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

CVE-2025-36753

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

CVE-2025-36753

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

CVE-2025-36743

SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...

CVE-2025-36753 SWD Interface Open on Growatt ShineLan-X

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

CVE-2025-36753

The CVE-2025-36753 entry concerns the Growatt ShineLan-X dongle with the SWD debug interface enabled by default. The exposed SWD interface allows an attacker to gain debug access and potentially extract secrets or domains from the device. The root cause is the default-access SWD debug interface; ...

CVE-2025-36753 SWD Interface Open on Growatt ShineLan-X

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device...

Information Exposure

ansible-collection-community-general is vulnerable to Information Exposure. The vulnerability is due to verbose debug output exposing sensitive credentials such as plaintext passwords, which allows an attacker with access to logs to retrieve these secrets and potentially compromise Keycloak...