Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)

/ Exploit Title: Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection XXE Google Dork: N/A Date: 2025-08-17 Exploit Author: Byte Reaper Vendor Homepage: https://www.lantronix.com/ Software Link: https://www.lantronix.com/products/lantronix-provisioning-manager/ Version:...

Linux Distros Unpatched Vulnerability : CVE-2019-5063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause...

Linux Distros Unpatched Vulnerability : CVE-2023-39950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and...

MCPSecBench: a Systematic Security Benchmark and Playground for Testing Model Context Protocols

Large Language Models LLMs are increasingly integrated into real-world applications via the Model Context Protocol MCP, a universal, open standard for connecting AI agents with data sources and external tools. While MCP enhances the capabilities of LLM-based agents, it also introduces new securit...

Linux Distros Unpatched Vulnerability : CVE-2021-47309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation...

Linux Distros Unpatched Vulnerability : CVE-2025-37921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a...

CVE-2025-50159

Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denia...

Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce

Cosmic Sting: CVE-2024-34102 Exploiter Cosmic Sting is a Go-b...

CVE-2025-50159

Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...

CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability

...

CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability

...

CVE-2025-40584

CVE-2025-40584 maps to an XXE (XML External Entity) vulnerability in Siemens products, affecting SIMOTION SCOUT TIA (V5.4–V5.7 with various SP/HF constraints) and SIMOTION SCOUT/V5, as well as SINAMICS STARTER (V5.5–V5.7) across all versions listed. The flaw occurs while parsing crafted XML and c...

CVE-2025-40584

A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 All versions, SIMOTION SCOUT TIA V5.5 All versions, SIMOTION SCOUT TIA V5.6 All versions V5.6 SP1 HF7, SIMOTION SCOUT TIA V5.7 All versions V5.7 SP1 HF1, SIMOTION SCOUT V5.4 All versions, SIMOTION SCOUT V5.5 All versions, SIMOTION SCO...

CVE-2025-40584

A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 All versions, SIMOTION SCOUT TIA V5.5 All versions, SIMOTION SCOUT TIA V5.6 All versions V5.6 SP1 HF7, SIMOTION SCOUT TIA V5.7 All versions V5.7 SP1 HF1, SIMOTION SCOUT V5.4 All versions, SIMOTION SCOUT V5.5 All versions, SIMOTION SCO...

Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability

Use after free in Remote Access Point-to-Point Protocol PPP EAP-TLS allows an authorized attacker to elevate privileges locally...

PT-2025-32782 · Unknown +1 · Ppp Eap-Tls +1

Name of the Vulnerable Software and Affected Versions: Remote Access Point-to-Point Protocol PPP EAP-TLS affected versions not specified Description: A use after free issue exists in Remote Access Point-to-Point Protocol PPP EAP-TLS. This allows a locally authorized attacker to elevate privileges...

Linux Distros Unpatched Vulnerability : CVE-2021-47134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. I...