[SECURITY] Fedora 42 Update: qt6-qtmqtt-6.9.3-1.fc42
MQTT is a machine-to-machine (M2M) protocol utilizing the publish-and-subscribe paradigm, and provides a channel with minimal communication overhead. The Qt MQTT module provides a standard compliant implementation of the MQTT protocol specification. It enables applications to act as telemetry...
CVE-2025-40102
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...
CVE-2025-58183
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...
CVE-2025-12058
The Keras.Model.load_model method, including when executed with the intended security mitigation safe_mode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery (SSRF). This vulnerability stems from the way the StringLookup layer is handled during model loading from a...
ROS-20251029-01
The GStreamer multimedia framework vulnerability is related to a buffer overflow on the stack. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
CVE-2025-11375
Consul and Consul Enterprise’s “Consul” event endpoint is vulnerable to denial of service (DoS) due to lack of maximum value on the Content Length header. This vulnerability, CVE-2025-11375, is fixed in Consul Community Edition 1.22.0 and Consul Enterprise 1.22.0, 1.21.6, 1.20.8 and 1.18.12...
CVE-2021-38561 affecting package podman for versions less than 5.6.1-2
CVE-2021-38561 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-45310 affecting package buildah for versions less than 1.41.4-2
CVE-2024-45310 affecting package buildah for versions less than 1.41.4-2. An upgraded version of the package is available that resolves this issue...
CVE-2020-28851 affecting package buildah for versions less than 1.41.4-2
CVE-2020-28851 affecting package buildah for versions less than 1.41.4-2. An upgraded version of the package is available that resolves this issue...
CVE-2022-32149 affecting package podman for versions less than 5.6.1-2
CVE-2022-32149 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-45777 affecting package grub2 for versions less than 2.06-25
CVE-2024-45777 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2025-58749 affecting package fluent-bit for versions less than 3.1.9-6
CVE-2025-58749 affecting package fluent-bit for versions less than 3.1.9-6. A patched version of the package is available...
CVE-2025-58058 affecting package packer for versions less than 1.9.5-10
CVE-2025-58058 affecting package packer for versions less than 1.9.5-10. A patched version of the package is available...
GHSA-64W3-5Q9M-68XF vulnerabilities
Vulnerabilities for packages: keycloak-fips, keycloak...
CVE-2025-40070
In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in pps_register_cdev when register device fail Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error handling in __video_register_device"), the release hook should be set before device_register. Otherwise,...
CVE-2025-40061
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in do_task when draining When do_task exhausts its iteration budget (!ret), it sets the state to TASK_STATE_IDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...
CVE-2025-40032
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to check that they have non-NUL...
CVE-2025-61104
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet...
GHSA-J3W4-M6QJ-VMM5 vulnerabilities
Vulnerabilities for packages: bind...
CVE-2025-12205
A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a local position. The exploit is now public and...