17761 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38357
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on...
USN-7699-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...
USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...
CVE-2025-55201
Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t...
CVE-2025-54234 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918)
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to limited file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs...
SUSE-SU-2025:02853-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...
SUSE-SU-2025:02849-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52923: netfilter: nftables: split async and sync catchall in two...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2025-38503
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info device loop0 state M: rebuilding free space tre...
CVE-2025-38534
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix copy-to-cache so that it performs collection with ceph+fscache The netfs copy-to-cache that is used by Ceph with local caching sets up a new request to write data just read to the cache. The request is started and then...
Huawei HarmonyOS kernel file system module Competitive Condition Vulnerability Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS kernel file system module, which can be exploited by attackers to affect availability...
ROS-20250818-06
A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...
Linux Distros Unpatched Vulnerability : CVE-2019-14197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfsreadreply. CVE-2019-14197 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2019-20423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by ...
Linux Distros Unpatched Vulnerability : CVE-2019-20427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation fo...
Linux Distros Unpatched Vulnerability : CVE-2019-20425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets se...
RHEL 9 : kernel (RHSA-2025:13946)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13946 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: quota: Fix potential NULL...
Linux Distros Unpatched Vulnerability : CVE-2019-20429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for...
Linux Distros Unpatched Vulnerability : CVE-2024-56737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. CVE-2024-56737 Note that Nessus relie...
CVE-2025-38523
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...