273 matches found
EUVD-2025-206315
EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a DCChargeLoopRes message that includes Receipt as well as TaxCosts, the vector taxcosts in the target Receipt structure is accessed out of bounds. This occurs in the method template void...
[SECURITY] [DLA 4443-1] dcmtk security update
Debian LTS Advisory DLA-4443-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 19, 2026 https://wiki.debian.org/LTS Package : dcmtk Version : 3.6.5-1+deb11u6 CVE ID : CVE-2025-14607 CVE-2025-14841 Debian Bug : 1122926 1123584 Two vulnerabilities have been...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003925)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003925 advisory. A vulnerability was found in Linux Kernel where in the spkttyioreceivebuf2 function, it would dereference spkttyiosynth without checking whether it is NULL or not, a...
CVE-2025-71103 drm/msm: adreno: fix deferencing ifpc_reglist when not declared
In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpcreglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpcreglist if still deferenced in a7xxpatchpwrupreglist which causes a kernel crash: Unable to handle kernel NU...
CVE-2022-23577
Tensorflow is an Open Source Machine Learning Framework. The implementation of GetInitOp is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, ...
PT-2026-4485
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the idpf driver related to RSS LUT initialization. Specifically, the RSS LUT is not initialized until an interface is active, leading to a NULL...
AZL-73201 CVE-2025-14180 affecting package php for versions less than 8.3.29-1
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
SUSE CVE-2025-68257
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
CVE-2022-50670
In the Linux kernel, the following vulnerability has been resolved: mmc: omaphsmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehos...
PT-2025-49633
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s mmc subsystem, specifically within the atmel-mci driver. The mmc add host function may return an error, and failure to check this return value can lea...
Linux Distros Unpatched Vulnerability : CVE-2022-50627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereference crash. This crash happens wh...
Linux Distros Unpatched Vulnerability : CVE-2025-40239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe shared-phydev is only set if PTP clock gets actually set, otherwi...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-24659)
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...
CVE-2025-40147 blk-throttle: fix access race during throttle policy activation
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: fix access race during throttle policy activation On repeated cold boots we occasionally hit a NULL pointer crash in blkshouldthrotl when throttling is consulted before the throttle policy is fully enabled for the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989409 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987623)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987623 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix nsfd startup race again Commit bd5ae9288d64 nfsd: register pernet ops last, unregister...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Initialize frame-based format color matching descriptor Fix NULL pointer crash in uvcgframebasedmake due to uninitialized color matching descriptor for frame-based format which was added in commit f5e7bdd34aca...
EUVD-2025-32825
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd, if sasrphyadd returns error, sasrphyfree needs be called to free the resource allocated in sasenddevicealloc. Otherwise a kernel...
EUVD-2017-9139
Malware in sbrugna...
EUVD-2019-5589
Malware in sbrugna...