47 matches found

OSV
added 2025/12/04 7:16 p.m. | 2 views

AZL-71617 CVE-2025-65637 affecting package kubernetes for versions less than 1.28.4-21

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5 CVSS | 5.8 AI score | 0.00055 EPSS
Exploits: 1 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-13508

Malware in sbrugna...

7.7 CVSS | 6.8 AI score | 0.00206 EPSS
Exploits: 0 | References: 35

EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2025-0207

Malicious code in bioql PyPI...

5.3 CVSS | 6.3 AI score | 0.00191 EPSS
Exploits: 0 | References: 6

Vulnrichment
added 2025/07/01 4:16 p.m. | 3 views

CVE-2025-6297 dpkg-deb: Fix cleanup for control member with restricted directories

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

7.4 AI score | 0.00265 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/05 12:00 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler in hw/block/fdc.c while...

6.1 CVSS | 6.7 AI score | 0.00029 EPSS
Exploits: 1 | References: 3

Tenable Nessus
added 2024/01/16 12:00 a.m. | 34 views

EulerOS Virtualization 3.0.6.0 : qemu (EulerOS-SA-2023-3460)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite...

7.5 CVSS | 6.6 AI score | 0.00239 EPSS
Exploits: 2 | References: 9

Tenable Nessus
added 2023/11/02 12:00 a.m. | 29 views

F5 Networks BIG-IP : Linux kernel vulnerability (K04107324)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.2 / 15.1.4 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K04107324 advisory. An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to...

7.7 CVSS | 6.7 AI score | 0.00206 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2023/09/07 12:00 a.m. | 27 views

Oracle Linux 7 : qemu (ELSA-2018-4312)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4312 advisory. - usb-mtp: outlaw slashes in filenames Gerd Hoffmann Orabug: 29037012 CVE-2018-16867 - lsi53c895a: check message length value is valid Prasad J Pandit Orabug:...

7.8 CVSS | 6.4 AI score | 0.00142 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2023/07/29 12:00 a.m. | 28 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2023:3015-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3015-1 advisory. - A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor->header.width and...

8.2 CVSS | 7.7 AI score | 0.00051 EPSS
Exploits: 1 | References: 10

Tenable Nessus
added 2023/07/20 12:00 a.m. | 28 views

Amazon Linux 2 : qemu, --advisory ALAS2-2023-2148 (ALAS-2023-2148)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2148 advisory. A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including...

7.1 CVSS | 6.8 AI score | 0.00047 EPSS
Exploits: 0 | References: 6

Hacker One
added 2023/02/23 2:30 a.m. | 32 views

Node.js: node.js process aborts when processing x509 certs with invalid public key information

A vulnerability existed in Node.js versions 18.14.2 and 19.7.0 that allowed malicious actors to cause a denial-of-service (DoS) by providing x509 certificates with invalid public key information. This vulnerability could lead to the termination of the Node.js process, resulting in interruptions to...

5.3 CVSS | 6.3 AI score | 0.0003 EPSS
Exploits: 0

Tenable Nessus
added 2022/09/15 12:00 a.m. | 40 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3263-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3263-1 advisory. - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets ...

7.8 CVSS | 7.7 AI score | 0.54307 EPSS
Exploits: 8 | References: 37

Tenable Nessus
added 2022/08/01 12:00 a.m. | 66 views

Oracle Linux 7 : qemu (ELSA-2022-9669)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9669 advisory. - display/qxl-render: fix race condition in qxl_cursor CVE-2021-4207 Mauro Matteo Cascella Orabug: 34049511 CVE-2021-4207 - ui/cursor: fix integer...

8.2 CVSS | 6.9 AI score | 0.00161 EPSS
Exploits: 3 | References: 4

Tenable Nessus
added 2022/06/21 12:00 a.m. | 46 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5489-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5489-1 advisory. Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could us...

8.2 CVSS | 7.6 AI score | 0.04726 EPSS
Exploits: 6 | References: 8

Tenable Nessus
added 2021/08/13 12:00 a.m. | 44 views

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-3061)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3061 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libvirt - Resolves: bz1932917 CVE-2021-3416 virt:rhel/qemu-kvm: QEMU...

6.7 CVSS | 6.9 AI score | 0.00257 EPSS
Exploits: 0 | References: 6

NVD
added 2021/05/13 4:15 p.m. | 18 views

CVE-2021-20221

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0 on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to...

6 CVSS | 0.00026 EPSS
Exploits: 0 | References: 5

Debian CVE
added 2021/05/06 3:16 p.m. | 27 views

CVE-2021-3507

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU...

6.1 CVSS | 6.3 AI score | 0.00029 EPSS
Exploits: 1

RedhatCVE
added 2021/04/19 7:26 p.m. | 36 views

CVE-2021-3507

A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host...

6.1 CVSS | 3.3 AI score | 0.00029 EPSS
Exploits: 1 | References: 3

OpenVAS
added 2021/03/24 12:00 a.m. | 24 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-1684)

The remote host is missing an update for the Huawei EulerOS...

8.8 CVSS | 8.3 AI score | 0.07014 EPSS
Exploits: 18 | References: 2

OSV
added 2021/03/18 8:15 p.m. | 26 views

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

6 CVSS | 6.7 AI score
Exploits: 0 | References: 6