17761 matches found
jfs: Fix null-ptr-deref in jfs_ioc_trim
...
cifs: fix underflow in parse_server_interfaces()
...
f2fs: fix to avoid potential panic during recovery
...
jfs: add check read-only before txBeginAnon() call
...
f2fs: avoid infinite loop to flush node pages
...
f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
...
afs: Fix lock recursion
...
USN-7737-1 linux-azure, linux-azure-6.8, linux-azure-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; -...
GHSA-G2PQ-9JR7-W6GV Jenkins Git client Plugin file system information disclosure vulnerability
In Jenkins Git client Plugin 6.3.2 and earlier, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an...
CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...
CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...
PT-2025-35780
Name of the Vulnerable Software and Affected Versions: Jenkins Git client Plugin versions 6.3.2 and earlier Description: The Git URL field form validation responses differ based on whether the specified file path exists on the Jenkins controller when using the amazon-s3 protocol with JGit. This...
Linux Distros Unpatched Vulnerability : CVE-2025-38677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0...
USN-7725-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7726-4 linux-gke, linux-ibm-5.15, linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7727-3 linux-aws vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
CVE-2025-52551
E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system...
CVE-2025-52544
E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...
CVE-2025-52551 Proprietary protocol allows for unauthenticated file operations
E2 Facility Management Systems use a proprietary protocol that allows for unauthenticated file operations on any file in the file system...
CVE-2025-52544 Arbitrary read file from the filesystem
E3 Site Supervisor Control firmware version 2.31F01 has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can access any file from the E3 file system...