CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

CVE-2024-57917

CVE-2024-57917 : In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...

CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

Mattermost Server 10.0.x < 10.3 (MMSA-2024-00400)

The version of Mattermost Server installed on the remote host is prior to 10.3. It is, therefore, affected by a improper access control vulnerability as referenced in the MMSA-2024-00400 advisory due to a failure to accurately reflect missing settings, which allows confusion for admins regarding ...

CBL Mariner 2.0 Security Update: kubernetes (CVE-2024-10220)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...

Fedora 40 : rsync (2025-73c1f25730)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-73c1f25730 advisory. New version 3.4.0. Contains fixes for CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747. Tenable has...

Microsoft Security Update Validation Report January 2025

Microsoft’s January 2025 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...

Fortinet Fortigate Path traversal in csfd daemon (FG-IR-24-259)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-24-259 advisory. - A improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiRecorder versions...

Vulnerabilities-Proofs-of-Concept

Vulnerabilities Proofs-of-Concept This repository hosts proof...

Exploit for Improper Check for Unusual or Exceptional Conditions in Jenkins

Intro This is an exploit for CVE-2024-43044, an arbitrary fil...

Exploit for CVE-2024-12856

CVE-2024-12856 This is an exploit for Four-Faith router models...

MAL-2025-191720 Malicious code in djangoframework-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe24a0d1142970bffbb9b8eba926e7153c78c87083aa7e374c146d9e1608aec4 Importing the module exfiltrates basic information using DNS queries. There is no other purpose of the package. --- Category: PROBABLYPENTEST - Packages lookin...

CVE-2024-56773 kunit: Fix potential null dereference in kunit_device_driver_test()

In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things IoT consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission FCC said. "Under thi...

PT-2025-36264

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free UAF vulnerability exists in the net/smc module of the Linux kernel. The issue occurs because newclcsock-sk can become NULL after smc listen out connected releases the...

PT-2025-30800

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the Network File System NFS. Specifically, the issue occurs when nfs fs proc net init fails, leading to the improper removal of the...

PT-2025-30873

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ATM CLIP module, specifically within the clip push function. A recursive call can occur under certain conditions, potentially leading to ...

Debian dla-4005 : debootstrap - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4005 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4005-1 [email protected] https://www.debian.org/lts/security/...

CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...

SUSE CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with free Variables annotated with free need to be initialized if the function can return before they get updated for the first time or the attempt to free the memory pointed ...