Astra Linux – Vulnerability in curl

There is an information disclosure vulnerability in curl v8.1.0 when performing HTTPS transfers. libcurl may incorrectly use the read callback CURLOPTREADFUNCTION to request data to be sent, even when the CURLOPTPOSTFIELDS option is set. This occurs if the same handle was previously used to issue...

Astra Linux - уязвимость в curl

When performing HTTPS transfers, libcurl may incorrectly use the read callback CURLOPTREADFUNCTION to request data to be sent, even when the CURLOPTPOSTFIELDS option has been set. This occurs if the same handle was previously used to issue a PUT request that utilized that callback. This flaw may...

JLSEC-2026-396

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

JLSEC-2026-410

An information disclosure vulnerability exists in curl v8.1.0 when doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously wasused to issue a PUT request...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: uacce: fixed the isolate/sysfs check condition. uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will now create sysfs...

can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message

...

CVE-2025-8860

CVE-2025-8860 affects QEMU by a flaw in the uefi-vars device: after writing to UEFI_VARS_REG_BUFFER_SIZE, a heap buffer is allocated without zeroing, leaving residual data that can be read later from UEFI_VARS_REG_PIO_BUFFER_TRANSFER, causing information disclosure. Oracle Linux advisories ELSA-2...

CVE-2025-8860 Qemu-kvm: uefi-vars: information disclosure vulnerability in uefi_vars_write callback

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFIVARSREGBUFFERSIZE, the .write callback uefivarswrite is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...

SUSE CVE-2026-23094

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

CVE-2026-23094

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

CVE-2026-23094

CVE-2026-23094 : In the Linux kernel, the uacce subsystem’s device isolation feature creates sysfs files when either isolate_err_threshold_read or isolate_err_threshold_write callbacks exist. The issue was that accessing a non-existent callback could crash the system. The resolution implements a ...

EUVD-2026-5448

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

CVE-2026-23094 uacce: fix isolate sysfs check condition

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

CVE-2026-23094 uacce: fix isolate sysfs check condition

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

Siemens SIMATIC S7-1500 Expected Behavior Violation (CVE-2022-32221)

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

EUVD-2023-38864

Malicious code in bioql PyPI...

EUVD-2023-59134

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-8860

When the guest writes to register UEFIVARSREGBUFFERSIZE, the .write callback uefivarswrite is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. When the guest later reads from register...

Linux Distros Unpatched Vulnerability : CVE-2023-34823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fdkaac before 1.0.5 was discovered to contain a stack overflow in readcallback function in src/main.c. CVE-2023-34823 Note that Nessus relies on the presence of...

CVE-2023-34823

fdkaac before 1.0.5 was discovered to contain a stack overflow in readcallback function in src/main.c...