EUVD-2025-197910

In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48593

In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

GnuTLS -- Stack write buffer overflow

GnuTLS reports: When a PKCS11 token is initialized with gnutlspkcs11tokeninit function and it is passed a token label longer than 32 characters, it may write past the boundary of stack allocated memory...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50201)

linux: drm/radeon: encoder-possibleclones. In the past nothing validated that drivers were populating possibleclones correctly, which resulted in some warnings during driver initialization. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41068)

s390/sclp: sclpinit failure. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504592; scriptversion"1.2";...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53103)

hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

kernel: of_numa: fix uninitialized memory nodes causing kernel panic

A flaw was found in the linux kernel ofnuma subsystem fails to properly initialize memory‑only NUMA nodes i.e., nodes without CPUs. When such nodes remain uninitialized, a subsequent call to freeareainit may access NODEDATA for those nodes and trigger a kernel panic due to a NULL pointer...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

EUVD-2022-55681

Vodafone H500s devices running firmware v3.5.10 hardware model Sercomm VFH500 expose the WiFi access point password via an unauthenticated HTTP endpoint. By sending a crafted GET request to /data/activation.json with specific headers and cookies, a remote attacker can retrieve a JSON document tha...

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

...

SUSE CVE-2025-40177

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...

SUSE CVE-2025-40182

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

SUSE SLES15 Security Update : lasso (SUSE-SU-2025:4090-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4090-1 advisory. - CVE-2025-46784: Fixed memory exhaustion in Entr'ouvert Lasso bsc1253094 - CVE-2025-46404: Fixed denial of service in Entr'ouvert...

CVE-2025-40127

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...

CVE-2025-40177

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...

SUSE-SU-2025:21040-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missi...

EUVD-2025-177676

Malicious code in nebula-init-resolvers-frontend npm...

EUVD-2025-150392

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

SUSE CVE-2025-40127

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...