rxrpc: Fix delayed ACKs to not set the reference serial number

...

Exploit for Improper Restriction of XML External Entity Reference in Sysaid

From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Atta...

Wireshark Analyzer 4.4.9

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

USN-7703-4 linux-gke, linux-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

CVE-2025-5115

In Eclipse Jetty, versions =9.4.57, =10.0.25, =11.0.25, =12.0.21, =12.1.0.alpha2, an HTTP/2 client may trigger the server to send RSTSTREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume...

USN-7703-2 linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gkeop, linux-ibm, linux-ibm-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

USN-7703-1 linux, linux-aws, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

CVE-2025-54472

CVE-2025-54472 affects Apache bRPC’s Redis protocol parser. The root cause is unbounded memory allocation when parsing Redis protocol data, where arrays/strings are allocated based on network-provided integers; if a value is too large, a bad_alloc can crash the service. The issue also affects 1.1...

EulerOS 2.0 SP13 : ppp (EulerOS-SA-2025-1983)

According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description block directly...

The vulnerability in the `net/ipv4/udp_offload.c` module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the net/ipv4/udpoffload.c module of the Linux operating system is related to incorrect data type conversion. Exploiting this vulnerability can allow an attacker to cause a service failure...

Linux Distros Unpatched Vulnerability : CVE-2022-49020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/9p: Fix a potential socket leak in p9socketopen Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails,...

Linux Distros Unpatched Vulnerability : CVE-2025-37749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents...

redis: Redis Unauthenticated Denial of Service

A flaw was found in Redis. Unauthenticated connections can trigger repeated IP protocol errors, leading to client starvation and an application-level denial of service. This flaw allows an attacker to induce this condition without authentication. This issue results in a denial of service conditio...

go-toolset:rhel8 security update

An update is available for module.go-toolset, golang, module.delve, go-toolset, module.golang, delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...

CVE-2025-35966

A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg Comdb2 8.1. A specially crafted protocol buffer message can lead to a denial of service. An attacker can simply connect to a database instance over TCP and send the crafted message to...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...

The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure

The vulnerability of the InnoDB component in the MySQL Database Management System is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...

Vulnerability of the MySQL Server component: This component is part of the Database Management System, allowing attackers to cause service failures.

The vulnerability of the MySQL Server component involves deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system’s optimizer is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...