799 matches found
Advisory ROSA-SA-2025-2757
Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.2.res7 CVE-ID: CVE-2024-12085 BDU-ID: 2025-00376 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding buffer boundaries ...
ROS-20250307-03
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2024-57793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possib...
Linux Distros Unpatched Vulnerability : CVE-2024-57795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Remove the direct link to netdevice The similar patch in siw is in the link: https://git.kernel.org/rdma/rdma/c/16b87037b48889 This problem also...
Linux Distros Unpatched Vulnerability : CVE-2024-7881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an...
Linux Distros Unpatched Vulnerability : CVE-2025-21778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance...
Linux Distros Unpatched Vulnerability : CVE-2024-53077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdmadevice's xaarray Dai pointed out that the xainitflags in...
PT-2025-9888 · Samsung · Samsung Notes
Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read when applying binary of pdf content. This allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71,...
Linux Distros Unpatched Vulnerability : CVE-2025-27144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON W...
Linux Distros Unpatched Vulnerability : CVE-2024-36019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcachemapledrop When keeping the upper end of a cac...
Linux Distros Unpatched Vulnerability : CVE-2024-45775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to...
Linux Distros Unpatched Vulnerability : CVE-2022-49063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rxcpurmap The CI testing bots triggered the...
Linux Distros Unpatched Vulnerability : CVE-2021-44497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, can cause the bounds of a for loop to be...
Linux Distros Unpatched Vulnerability : CVE-2021-4213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server's RAM...
Linux Distros Unpatched Vulnerability : CVE-2022-1708
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs...
Linux Distros Unpatched Vulnerability : CVE-2024-43806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to get stuck when...
Linux Distros Unpatched Vulnerability : CVE-2024-26996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, ethstop i...
CVE-2025-1933
CVE-2025-1933: On 64-bit CPUs, Firefox/Thunderbird JIT compilation of WASM i32 return values may read leftover memory and misclassify the value type. Affects Firefox (including ESR branches) and Thunderbird prior to 136/128.x. Remediation per sources: upgrade to Firefox 136 (and ESR 115.21 / 128....
CVE-2024-47260
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed resulting in the Axis device running out of memory. Axis has released patched AXIS OS versions for the...
CVE-2024-47260
The CVE-2024-47260 entry relates to Axis AXIS OS devices where the VAPIX API mediaclip.cgi lacked sufficient input validation, enabling an attacker to upload more audio clips than intended and causing memory exhaustion on the device. This is supported by Axis security advisories noting patched AX...