USN-7907-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

LIVE555 Streaming Media Null Pointer Dereference Vulnerability

LIVE555 Streaming Media is a cross-platform C++ open source library , focusing on providing solutions for streaming media applications , supporting a variety of standard protocols such as RTP/RTCP, RTSP and SIP. LIVE555 Streaming Media has a null pointer dereference vulnerability that originates...

CVE-2025-65408

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted ADTS file...

UBUNTU-CVE-2025-65408

A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted ADTS file...

CVE-2025-13265 lsfusion platform ZipUtils.java unpackFile path traversal

A weakness has been identified in lsfusion platform up to 6.1. This vulnerability affects the function unpackFile of the file server/src/main/java/lsfusion/server/physics/dev/integration/external/to/file/ZipUtils.java. This manipulation causes path traversal. It is possible to initiate the attack...

CVE-2025-13265

The CVE-2025-13265 entry describes a path-traversal weakness in lsFusion Platform (up to 6.1) affecting ZipUtils.java (file server path: ZipUtils.java, unpackFile function). The underlying issue is improper handling in unpackFile that allows path traversal, and the vulnerability can be triggered ...

lsFusion 路径遍历漏洞

lsFusion is an information system development platform based on a declarative open source language from lsfusion Open Source. A path traversal vulnerability exists in lsfusion 6.1 and earlier versions, which stems from incorrect manipulation of the function in the file...

CVE-2025-34299

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious SFTP server...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990200)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990200 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20721)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20721 advisory. - nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Jeff Layton Orabug: 38575798 CVE-2025-38724 Tenable has extracted the preceding...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix clien...

Samba Memory Disclosure Vulnerability (CVE-2025-9640)

Samba is prone to an uninitialized memory disclosure vulnerability via vfsstreamsxattr. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-53680 NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

EUVD-2018-0326

Malware in sbrugna...

EUVD-2018-0229

Malware in sbrugna...

EUVD-2017-18728

Malware in sbrugna...

EUVD-2020-1048

Malware in sbrugna...

EUVD-2020-1193

Malware in sbrugna...