PT-2025-27511
Name of the Vulnerable Software and Affected Versions: ASR Falcon Linux versions prior to v1536; ASR Kestrel versions prior to v1536; ASR Lapwing Linux versions prior to v1536. Description: The issue is related to an Improper Resource Shutdown or Release, which allows Resource Leak Exposure. This is...
PT-2025-27514
Name of the Vulnerable Software and Affected Versions: ASR Falcon Linux versions prior to v1536; ASR Kestrel versions prior to v1536; ASR Lapwing Linux versions prior to v1536. Description: The issue is related to an Improper Resource Shutdown or Release, which allows Resource Leak Exposure. This is...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: uprobes: The shared zeropage was rejected in uprobe_write_opcode. The following crashes were triggered in syzkaller tests: BUG: Incorrect page state in process syz.7.38, pfn:1eff3 Page: refcount:0, mapcount:0,...
CVE-2025-24791
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
CVE-1999-0426
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing...
LibreOffice Improper Certificate Validation Vulnerability (Mar 2025) - Linux
LibreOffice is prone to an improper certificate validation vulnerability.
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: The offset and length are sanitized before calling skb_checksum. If the access to the sum of the offset and length exceeds the skbuff length, then skb_checksum triggers a BUG_ON. skb_checksum internally subtrac...
CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
CVE-2025-24791
CVE-2025-24791 affects snowflake-connector-nodejs (Snowflake NodeJS Driver) on Linux. The vulnerability allows bypassing file permissions checks for the temporary credential cache, exploitable by an attacker with write access to the local cache directory. Affected versions are 1.12.0 through 2.0....
BIT-NODE-MIN-2022-32222
A cryptographic vulnerability exists in Node.js on Linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3...
Mouse cursor disappears in the double-hop scenario
The mouse cursor disappears in certain double-hop scenarios or when using the VirtualBox client. There appears to be a bug in the VirtualBox client rendering of 32-bit color cursors, which causes the mouse cursor to disappear. Double-hop scenarios where CWA for Linux versions prior to 2309 and CW...
PT-2023-14039 · Intel · Intel Qat Driver For Linux
Name of the Vulnerable Software and Affected Versions: Intel QAT Driver for Linux versions prior to 1.7.l.4.12. Description: The issue is related to improper buffer restriction in the software, which may allow an authenticated user to potentially enable denial of service via local access...
IBM DB2 Input Validation Error Vulnerability
IBM DB2 is a relational database management system from International Business Machines (IBM). The system is implemented in UNIX, Linux, IBMi, z/OS, and Windows server versions. An input validation error vulnerability exists in IBM Db2, which stems from the possibility that the server may crash whe...
PT-2023-17355 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager Windows versions 2022.3.33.0 and prior; Devolutions Remote Desktop Manager Linux versions 2022.3.2.0 and prior. Description: The issue is related to a lack of access control for the OTP key on OTP entries in...
SUSE CVE-2005-0504
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...
SUSE CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
SUSE CVE-2015-3132
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execu...
SUSE CVE-2015-7647
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648...
SUSE CVE-2021-28688
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...