616 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-22114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfsvalidatesuper Commit 2a9bb78cfd36 btrfs: validate system...
Fedora 42 : chromium (2025-04158e05ef)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2022-50205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 12 security fixes: 414760982 Medium CVE-2025-8576: Use after free in Extensions. Reported by asnine on 2025-04-30 384050903 Medium CVE-2025-8577: Inappropriate implementation in Picture In Picture. Reported by Umar Farooq on 2024-12-14 423387026 Mediu...
USN-7654-2 linux-intel-iot-realtime, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation
The fix for CVE-2024-50379 in Apache Tomcat was insufficient to mitigate the issue fully. A Time-of-check Time-of-use TOCTOU race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to...
USN-7596-1 linux-azure, linux-azure-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...
PT-2025-30757
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.16.0-rc2-WSL2-STABLE and earlier. Description A runtime warning was observed in the truncate folio batch exceptionals function within the Linux kernel's fuse module. This issue was addressed by applying a fix initially...
SUSE CVE-2022-50205
In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes pe...
DEBIAN-CVE-2022-50205
In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes pe...
DEBIAN-CVE-2022-50090
In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize On zoned filesystem, data write out is limited by maxzoneappendsize, and a large ordered extent is split according the size of a bio. OTOH, the number of extents to be...
CVE-2022-50205
The CVE-2022-50205 entry corresponds to a Linux kernel vulnerability in ext2 that adds validity checks for inode counts. The root cause is that inodes stored in the superblock must match the computed value from inodes-per-group, and there must be at least one block worth of inodes per group; thes...
CLSA-2025-1749480611 kernel: Fix of 25 CVEs
rcu-tasks: Fix showrcutaskstracegpkthread buffer overflow CVE-2024-38577 - tcp: fix mptcp DSS corruption due to large pmtu xmit CVE-2024-50083 - vsock: Keep the binding until socket destruction CVE-2025-21756 - memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove CVE-2025-22020 -...
kernel: ext4: fix OOB read when checking dotdot dir
A flaw was found in the ext4 module in the Linux kernel. An out-of-bounds read can be triggered when a corrupted ext4 filesystem is mounted due to a missing check, resulting in a denial of service that causes the system to freeze or become unusable...
CVE-2021-43395
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle...
SUSE CVE-2022-49831
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...
USN-7455-1 linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-raspi vulnerabilities
Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...