Linux Distros Unpatched Vulnerability : CVE-2025-68209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - mlx5: Fix default values in create CQ. Currently, CQs without a completion function are assigned the mlx5_add_cq_to_tasklet function by default. This is problematic...
PT-2025-51693
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a memory leak in the f_eem module within the gadget subsystem, specifically in the eem_unwrap function. The existing code lacked proper error handling for usb e...
Linux Distros Unpatched Vulnerability : CVE-2025-68265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - nvme: fix admin request_queue lifetime. The namespaces can access the controller's admin request_queue, and stale references on the namespaces may exist after...
PT-2025-51645
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition within the virtual ethernet (veth) module can lead to a permanently stalled transmit queue (TXQ). This issue stemmed from a flawed implementation in commit dc82a33297fc, whi...
Linux Distros Unpatched Vulnerability : CVE-2023-53825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg. syzkaller found a memory leak in kcm_sendmsg, and commit c821a88bd720 kcm: Fix memory leak in error path of...
libsoup: Heap Use-After-Free in libsoup message queue handling during HTTP/2 read completion
A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...
CVE-2025-64992
A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior to V25. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...
CVE-2025-64992
CVE-2025-64992 describes a command injection in TeamViewer DEX (formerly 1E DEX), specifically in the 1E-Nomad-PauseNomadJobQueue instruction before version V25. The root cause is improper input validation that allows authenticated attackers with Actioner privileges to inject arbitrary commands, ...
CVE-2025-64992 Command Injection in 1E-Nomad-PauseNomadJobQueue Instruction
A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior to V25. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...
EUVD-2025-202672
A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior to V25. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991181)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991181 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue. sk->sk_receive_queue is protected by skb queue lock, bu...
PT-2025-50599
A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior to V25. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...
Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images
Summary: Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images. Vulnerability Details: CVEID: CVE-2025-47914. DESCRIPTION: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the...
CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in crypto_destroy_instance. The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2022-50639
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation. If the CPU mask allocation for a node fails, then the memory allocated for the 'io_wqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
SUSE CVE-2022-50666
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw_qp_destroy call, so...
SUSE CVE-2022-50671
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error. When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized. Because of creation of qp fails, the function rxe_create_qp...
SUSE CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in crypto_destroy_instance. The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
SUSE CVE-2023-53823
In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock. commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos_exit from disk_release to del_gendisk, this will introduce some problems: 1) If rq_qos_add is triggered by...
SUSE CVE-2023-53825
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg. syzkaller found a memory leak in kcm_sendmsg, and commit c821a88bd720 ("kcm: Fix memory leak in error path of kcm_sendmsg") suppressed it by updating kcm_tx_msg(head)->last_skb if partia...