12632 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38571
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over...
CVE-2025-9474
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach...
Linux Distros Unpatched Vulnerability : CVE-2023-47641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Affected versions of aiohttp have a security vulnerability regarding the...
Linux Distros Unpatched Vulnerability : CVE-2022-25643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket...
CVE-2024-58240
In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
Linux Distros Unpatched Vulnerability : CVE-2025-47792
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user...
Linux Distros Unpatched Vulnerability : CVE-2019-13611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking CSWSH vulnerability that allows attackers to make WebSocket...
Linux Distros Unpatched Vulnerability : CVE-2020-25652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
CVE-2025-9474
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach...
CVE-2025-9474 Mihomo Party Socket sysproxy.ts enableSysProxy temp file
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach...
CVE-2025-9474
CVE-2025-9474 affects Mihomo Party up to version 1.8.1 on macOS. The vulnerability is in the enableSysProxy function of src/main/sys/sysproxy.ts within the Socket Handler component and results in creation of a temporary file with insecure permissions. The attack is local in scope and described as...
SUSE-SU-2025:20620-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 - CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 - CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
SUSE-SU-2025:20610-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-56664: bpf, sockmap: fix race between element replace and close bsc1235250 - CVE-2025-37752: netsched: schsfq: move the limit validation bsc1245776 - CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
Linux Distros Unpatched Vulnerability : CVE-2017-18265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSock...