Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2442)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : pam (EulerOS-SA-2025-2452)

According to the versions of the pam packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks a...

TencentOS Server 3: kernel (TSSA-2024:1025)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1025 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2025-63604

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...

kernel: do_change_type(): refuse to operate on unmounted/not ours mounts

In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount2...

CVE-2025-63604

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...

GO-2025-4093 MARIN3R: Cross-Namespace Vulnerability in the Operator in github.com/3scale-sre/marin3r

MARIN3R: Cross-Namespace Vulnerability in the Operator in github.com/3scale-sre/marin3r...

kernel: do_change_type(): refuse to operate on unmounted/not ours mounts

In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount2...

SUSE CVE-2025-40195

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

pid: Add a judgment for ns null in pid_nr_ns

...

mount: handle NULL values in mnt_ns_release()

...

SUSE CVE-2025-40178

In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...

SUSE CVE-2025-40203

In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...

CVE-2025-40178

In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...

EUVD-2025-150371

In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...

EUVD-2025-150379

In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...

EUVD-2025-150396

In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...

Linux Distros Unpatched Vulnerability : CVE-2025-40178

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2025-40195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully. CVE-2025-40195 Note...

Siemens SIMATIC S7-1500 Exposure of Resource to Wrong Sphere (CVE-2022-25236)

xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...