New LockBit 5.0 Targets Windows, Linux, ESXi

Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems...

Linux Distros Unpatched Vulnerability : CVE-2025-39871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: idxd: Remove improper idxdfree The call to idxdfree introduces a duplicate putdevice leading to a reference count underflow: refcountt: underflow;...

Linux Distros Unpatched Vulnerability : CVE-2025-10492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute...

Linux Distros Unpatched Vulnerability : CVE-2023-53423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in createstaticcallsections strdup allocates memory for keyname. We...

Linux Distros Unpatched Vulnerability : CVE-2025-39842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2deleteosb, ocfs2journalshutdown has already been executed in ocfs2dismountvolume...

Linux Distros Unpatched Vulnerability : CVE-2025-10585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

Linux Distros Unpatched Vulnerability : CVE-2025-10535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143. CVE-2025-10535 Note that...

Linux Distros Unpatched Vulnerability : CVE-2022-50399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: atomisp: prevent integer overflow in shcsssetblackframe The height and width values come from the user so the height width multiplication can overflow...

Linux Distros Unpatched Vulnerability : CVE-2025-10500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromi...

Linux Distros Unpatched Vulnerability : CVE-2022-50393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: SDMA update use unlocked iterator SDMA update page table may be called from unlocked context, this generate below warning. Use unlocked iterator to...

Linux Distros Unpatched Vulnerability : CVE-2025-39808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: hid-ntrig: fix unable to handle page fault in ntrigreportversion in ntrigreportversion, hdev parameter passed from hidprobe. sending descriptor to /dev/uhi...

Linux Distros Unpatched Vulnerability : CVE-2023-53237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv110hwfini The gmc.eccirq is enabled by firmwa...

Linux Distros Unpatched Vulnerability : CVE-2022-50307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for...

Linux Distros Unpatched Vulnerability : CVE-2022-50284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path...

Linux Distros Unpatched Vulnerability : CVE-2023-53152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix calltrace warning in amddrmbuddyfini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated...

Linux Distros Unpatched Vulnerability : CVE-2025-59052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container...

Linux Distros Unpatched Vulnerability : CVE-2025-39737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when runnin...

Linux Distros Unpatched Vulnerability : CVE-2025-39757

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared length...

Linux Distros Unpatched Vulnerability : CVE-2022-1242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apport can be tricked into connecting to arbitrary sockets as the root user CVE-2022-1242 Note that Nessus relies on the presence of the package as reported by...

Linux Distros Unpatched Vulnerability : CVE-2011-0132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets CSS 2.1 Visual Formatting Model implementation in WebKit, as used in...