151 matches found
Oracle Java SE Security Update (Apr 2025) - Linux
Oracle Java SE is prone to multiple vulnerabilities...
[SECURITY] [DLA 4102-1] linux-6.1 security update
Debian LTS Advisory DLA-4102-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 31, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.129-1deb11u1 CVE ID : CVE-2024-26596 CVE-2024-40945 CVE-2024-42069 CVE-2024-42122 CVE-2024-45001 CVE-2024-4772...
Amazon Linux 2 : kernel (ALAS-2025-2775)
The version of kernel installed on the remote host is prior to 4.14.355-274.598. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2775 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are...
CVE-2025-1146 CrowdStrike Falcon Sensor for Linux TLS Issue
CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where o...
CVE-2025-0147
Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access...
Google Chrome Security Update (stable-channel-update-for-desktop_22-2025-01) - Linux
Google Chrome is prone to multiple vulnerabilities. CPE: cpe:/a:google:chrome...
AZL-56315 CVE-2025-21631 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...
Google Chrome Security Update (stable-channel-update-for-desktop_14-2025-01) - Linux
Google Chrome is prone to multiple vulnerabilities. CPE: cpe:/a:google:chrome...
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcount_inc_not_zero in tcp_twsk_unique (bsc#1225733). CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). CVE-2021-47600: dm btree remove: fix use afte...
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux...
Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics
The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that...
PT-2023-19932 · Cyberpower · Powerpanel Business Management +1
Name of the Vulnerable Software and Affected Versions: PowerPanel Business Local/Remote for Windows versions 4.8.6 and earlier PowerPanel Business Management for Windows versions 4.8.6 and earlier PowerPanel Business Local/Remote for Linux 32bit versions 4.8.6 and earlier PowerPanel Business...
Devolutions Remote Desktop Manager Security Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager that originates from allowing non-administrators to view OTP keys through the user interface...
NVIDIA DCGM Buffer Error Vulnerability
NVIDIA DCGM is a suite of tools from NVIDIA that are used to manage and monitor NVIDIA data center GPUs in a clustered environment. A security vulnerability exists in the NVIDIA DCGM Linux version that stems from the presence of a heap-based buffer overflow. An attacker could exploit this...
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features...
SUSE CVE-2004-0075
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service...
SUSE CVE-2011-1676
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations...
SUSE CVE-2021-4032
A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...
Out-of-bounds
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic...
CVE-2022-36536
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens...