Azure Linux 3.0 Security Update: kata-containers (CVE-2024-32650)

The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32650 advisory. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall int...

Azure Linux 3.0 Security Update: kernel (CVE-2024-40995)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40995 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38001)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38001 advisory. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueu...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57940)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57940 advisory. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in...

Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-8088)

The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21667)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21667 advisory. - In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit...

Azure Linux 3.0 Security Update: javapackages-bootstrap (CVE-2024-25710)

The version of javapackages-bootstrap installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25710 advisory. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Apache Commons...

CVE-2025-68137

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

CVE-2025-68137

EVerest before version 2025.10.0 is affected by an integer overflow in SdpPacket::parse_header(). After reading an 8-byte header, the remaining length can be set to 7, and the calculation of the remaining length yields a negative value that is interpreted as SIZE_MAX. This can cause an infinite l...

CVE-2025-68137

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

CVE-2025-68137 EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

CVE-2025-68137 EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

EUVD-2025-206317

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

CVE-2025-68137 EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parseheader allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining length to read is computed using the current length subtract...

SUSE-SU-2026:0196-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45231: Fixed out of bounds read when handling a ND Redirect message with truncated options bsc1218881. - CVE-2023-45232: Fixed infinite loop when parsing unknown options in the Destination Options header bsc1218882. - CVE-2023-45233: Fix...

PT-2026-3850

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2025.10.0 Description EVerest is an EV charging software stack. An integer overflow in the SdpPacket::parse header function can occur when processing data. Specifically, the current buffer length can be set to 7 after...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in ProcessMSLScript. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted Magick Scripting Language MSL file that triggers infinite recursion, resulting in a stack overflow...

Infinite loop

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Infinite loop

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Infinite loop

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...