kernel: Bluetooth: hci_sock: Fix not validating setsockopt user input

A denial of service vulnerability was found in the Linux kernel. No input validation is performed in the Bluetooth hcisock function. This vulnerability could lead to a crash, resulting in the loss of system availability...

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

CVE-2025-46585

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability...

KLA83544 DoS vulnerability in PostgreSQL

Buffer over-read vulnerability was found in PostgreSQL. Malicious users can exploit this vulnerability to cause denial of service. Original advisories PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation Related products PostgreSQL CVE lis...

CVE-2025-46592

CVE-2025-46592 describes a null pointer dereference in Huawei HarmonyOS USB HDI driver module, with impact limited to availability. Public records (NVD, Red Hat, CNVD, CVE lists) flag the vulnerability as local‑level with LOW privileges required and no user interaction. The CVSS base scores in th...

CVE-2025-46592

Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-46585

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability...

K000151082: PostgreSQL vulnerability CVE-2021-32027

Security Advisory Description A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory...

F5 Networks BIG-IP : PostgreSQL vulnerability (K000151082)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000151082 advisory. A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While...

Amazon Linux 2 : runc (ALASECS-2025-062)

The version of runc installed on the remote host is prior to 1.0.0-0.3.20210225.git12644e6. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-062 advisory. The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly...

Amazon Linux 2 : runc (ALASECS-2025-064)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-064 advisory. A flaw was found in runc. An attacker who controls the container image for two containers that share a volume...

Important: runc

Issue Overview: A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this...

CVE-2025-31324

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

CVE-2025-31324 Missing Authorization check in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

Amazon Linux AMI : runc (ALAS-2021-1556)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a.1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1556 advisory. runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor...

Huawei HarmonyOS Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a buffer overflow vulnerability, which originates in the codec module, that can be exploited by an attacker to affect availability...

The vulnerability of the bpf_prog_map_compatible() function in the kernel/bpf/core.c file of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bpfprogmapcompatible function in the kernel/bpf/core.c file of the Linux operating system is related to errors in the code. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

KLA82680 Multiple vulnerabilities in Oracle VirtualBox

Denial of service vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerability to cause denial of service. Original advisories Oracle Virtualization Risk Matrix Exploitation Public exploits exist for this vulnerability. Related products Oracle-VirtualBox CVE li...

The vulnerability of the kvm_tdp_mmu_put_root() function in the arch/x86/kvm/mmu/tdp_mmu.c module of the virtualization subsystem on the x86 kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmtdpmmuputroot function in the arch/x86/kvm/mmu/tdpmmu.c module of the virtualization subsystem on the x86 kernel of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromis...

CVE-2024-58110

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability...