CVE-2025-34323

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

PT-2025-47332

Name of the Vulnerable Software and Affected Versions baryhuang/mcp-server-aws-resources-python version 0.1.0 Description A code injection issue exists due to insufficient input validation in the execute query method. This allows for remote code execution by exposing dangerous Python built-in...

PT-2026-2535

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel’s Network File System daemon NFSD related to handling Access Control Lists ACLs during NFSv4 file creation. Specifically, when an NFSv4 client attempt...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53173)

NFSv4.0: When two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid in nfs4opendatafree can result in a use-after- free of the pointer to the defunct rpc task of the other thread. This plugin only works with Tenable.ot...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

ROS-20251117-06

A vulnerability in the vfs.c component of the Linux operating system kernel is related to reading outside the allowed boundaries of the of the data buffer. Exploitation of the vulnerability could allow an attacker to impact the integrity of the data integrity...

f2fs: fix null-ptr-deref in f2fs_get_dnode_of_data

...

CVE-2025-9982

A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege...

ext4: verify orphan file size is not too big

...

SUSE CVE-2025-40179

In the Linux kernel, the following vulnerability has been resolved: ext4: verify orphan file size is not too big In principle orphan file can be arbitrarily large. However orphan replay needs to traverse it all and we also pin all its buffers in memory. Thus filesystems with absurdly large orphan...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990924 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed inline inodes i...

CVE-2025-40150

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...

CVE-2025-40138

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...

CVE-2025-40137

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...

SUSE CVE-2025-40125

In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject stateinsysfs before deleting in blkmqunregisterhctx In blkmqupdatenrhwqueues the return value of blkmqsysfsregisterhctxs is not checked. If sysfs creation for hctx fails, later changing the number of hwqueue...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:4081-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4081-1 advisory. - CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions bsc1252376 -...

Siemens SIMATIC S7-1500 Deadlock (CVE-2024-27032)

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2023-3212)

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...

Siemens SIMATIC S7-1500 Initialization of a Resource with an Insecure Default (CVE-2024-56433)

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...