MAL-2025-33594 Malicious code in socket-test-vulnerable (npm)
The package socket-test-vulnerable was found to contain malicious code...
MAL-2025-29680 Malicious code in process-compress-nu-code-socket (npm)
The package process-compress-nu-code-socket was found to contain malicious code...
MAL-2025-33593 Malicious code in socket-tau-psi-daemon-upsilon (npm)
The package socket-tau-psi-daemon-upsilon was found to contain malicious code...
Malicious code in client-connector-socket.io (npm)
The package client-connector-socket.io was found to contain malicious code...
CVE-2025-20134 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability
A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS)...
CVE-2025-20134
CVE-2025-20134 affects Cisco Secure Firewall ASA/FTD software. The issue stems from improper parsing of SSL/TLS certificates in the certificate processing stack, which can be triggered by sending crafted DNS packets that match a static NAT rule with DNS inspection enabled. An unauthenticated, rem...
CVE-2025-9036
Rockwell Automation FactoryTalk Action Manager (v1.0.0 Runtime) is affected by a vulnerability in its runtime event system that permits unauthenticated local access to a reusable API token. The token is broadcast over a WebSocket and can be intercepted by any local client listening on the connect...
openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....
Linux Distros Unpatched Vulnerability : CVE-2022-50172
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg. Free the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine. (CVE-2022-50172) Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2022-3977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously cal...
Linux Distros Unpatched Vulnerability : CVE-2024-26864
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in __inet_hash_connect(). syzbot reported a warning in...
Microsoft Windows Ancillary Function Driver for WinSock Resource Management Error Vulnerability
Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate...
Linux Distros Unpatched Vulnerability : CVE-2023-52636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket. A short read may occur while...
Linux Distros Unpatched Vulnerability : CVE-2021-20268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls...
Linux Distros Unpatched Vulnerability : CVE-2024-26636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: make llc_ui_sendmsg() more robust against bonding changes. syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to...
Linux Distros Unpatched Vulnerability : CVE-2025-38154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending. The sk->sk_socket is not locked or...
Linux Distros Unpatched Vulnerability : CVE-2017-18509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel la...
BIT-LIBPYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
kernel: wifi: ath12k: fix invalid access to memory
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory. In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation accessed again which is wrong...
kernel: ipv6: mcast: extend RCU protection in igmp6_send()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send(). igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...