CVE-2025-53557

A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-54482

A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...

CVE-2016-8328 vulnerabilities

Vulnerabilities for packages: openjdk-26-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-17-openj9...

CVE-2025-38655

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: add NULL check in DT parse Add a NULL check for the return value of ofgetproperty when retrieving the "pinmux" property in the group parser. This avoids a potential NULL pointer dereference if the property ...

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

ROS-20250821-03

EMACS text editor vulnerability exists due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

GHSA-RWWP-3RV3-J6Q6 vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-runner...

CVE-2025-38567

In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsdopenlocalfh If two calls to nfsdopenlocalfh race and both successfully call nfsdfileacquirelocal, they will both get an extra reference to the net to accompany the file reference stored in pnf. One of...

CVE-2025-4690

A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a Regular expression Denial of Service ReDoS...

CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

[SECURITY] Fedora 42 Update: rust-h2-0.4.12-1.fc42

An HTTP/2 client and server...

CVE-2025-38553

In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netemenqueue's duplication prevention logic breaks when a netem resides in a qdisc tree with other netems - this can lead to a soft lockup and OOM loop in...

CVE-2023-32249

In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUSNOTSUPPORTED if binding session is guest...

CVE-2025-38517

In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...

CVE-2025-38512

In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...

CVE-2025-38506

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

GHSA-J474-59J6-7C6R vulnerabilities

Vulnerabilities for packages: openjdk...

CVE-2018-2811 vulnerabilities

Vulnerabilities for packages: openjdk-26-openj9, corretto, openjdk-25-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9, openjdk-17-openj9...

CVE-2024-22653 affecting package yasm for versions less than 1.3.0-17

CVE-2024-22653 affecting package yasm for versions less than 1.3.0-17. A patched version of the package is available...

CVE-2025-50097 affecting package mysql for versions less than 8.0.43-1

CVE-2025-50097 affecting package mysql for versions less than 8.0.43-1. An upgraded version of the package is available that resolves this issue...