8849 matches found
USN-7690-1: OpenJDK 17 vulnerabilities
It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
USN-7690-1 openjdk-17 vulnerabilities
It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
CVE-2025-8866
An authentication flaw has been discovered in YugabyteDB. Access is not properly enforced for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
[SECURITY] Fedora 42 Update: toolbox-0.2-1.fc42
Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
CVE-2025-8866
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records...
CVE-2025-8866
Summary: CVE-2025-8866 affects the YugabyteDB Anywhere web server, where the /metamaster/universe API endpoint does not properly enforce authentication. What’s affected: YugabyteDB Anywhere web server (specific versions not enumerated in provided documents). Root cause (as described): Authenticat...
PT-2025-32557 · Yugabyte · Yugabytedb Anywhere
Name of the Vulnerable Software and Affected Versions: YugabyteDB Anywhere affected versions not specified Description: The YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to...
Linux Distros Unpatched Vulnerability : CVE-2022-49865
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a struct ifaddrlblmsg to the network, ifalreserved remained uninitialized...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: multus-cni, kubevela, descheduler-fips, datadog-agent-fips, nuclei, prometheus-pushgateway-fips, openfga, aws-signer-notation-plugin, hydra-fips, consul-fips, cilium-envoy, ratify, gitlab-runner, consul, aws-ebs-csi-driver-fips, git-lfs-fips,...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block group refcount race in btrfscreatependingblockgroups CVE-2025-22115 In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and...
CLSA-2025-1754553172 kernel: Fix of 17 CVEs
net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted CVE-2022-50126 - kernfs: fix potential NULL dereference in kernfsremove CVE-2022-50148 - md-raid10: fix KASAN warning CVE-2022-50211 - xhci: Fix...
net: clear the dst when changing skb protocol
...
Linux Distros Unpatched Vulnerability : CVE-2025-22059
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following...
Linux Distros Unpatched Vulnerability : CVE-2025-22021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, ...
PT-2025-35956
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc4+ 3 Description A flaw exists in the Linux kernel’s hv netvsc component where a panic can occur during namespace deletion with Virtual Functions VF. The issue arises from moving a VF NIC to a new...
Linux Distros Unpatched Vulnerability : CVE-2023-1382
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A data race flaw was found in the Linux kernel, between where con is allocated and con-sock is set. This issue leads to a NULL pointer dereference when accessin...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
USN-7686-1 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
USN-7685-2 linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...