2500 matches found
CVE-2024-58088
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...
CVE-2025-25747
Cross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 allows an attacker to execute arbitrary code and obtain sensitive information via the ripristina_backup parameter in the crea_backup.php endpoint...
CVE-2025-2174
A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to integer overflow. The attack can be launched remotely. The exploit...
CVE-2025-2173
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
CVE-2025-26599 affecting package xorg-x11-server for versions less than 1.20.10-15
CVE-2025-26599 affecting package xorg-x11-server for versions less than 1.20.10-15. A patched version of the package is available...
CVE-2025-2151
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...
CVE-2025-2153
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...
CVE-2023-52970
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where...
GHSA-4P46-PWFR-66X6 vulnerabilities
Vulnerabilities for packages: sqlx, kdash, linkerd2-proxy, cargo-audit, shadowsocks-rust, samply, lychee, wasmcloud, rye, rustup, zola, uv, nushell, atuin, pixi, deno, ntpd-rs, wasmtime, tealdeer, xh, oranda, zed, sccache, parseable, qdrant, wadm, zizmor, linkerd-extension-init, buck2, wasm-pack,...
CVE-2025-22868 affecting package coredns for versions less than 1.11.1-14
CVE-2025-22868 affecting package coredns for versions less than 1.11.1-14. A patched version of the package is available...
CVE-2024-40982 affecting package kernel for versions less than 5.15.176.3-2
CVE-2024-40982 affecting package kernel for versions less than 5.15.176.3-2. An upgraded version of the package is available that resolves this issue...
CVE-2024-49950 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-49950 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2025-27795
ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits...
ROS-20250307-12
Nomad application orchestrator vulnerability related to customization of wildcard namespace usage. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces...
CVE-2024-58052
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table does not check the return value of smu_atom_get_data_table. If smu_atom_get_data_table fails to retrieve SMUInfo...
CVE-2024-58075
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should not transfer the request when they return an error...
CVE-2024-38311
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
Linux Distros Unpatched Vulnerability : CVE-2021-31229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd performs incorrect memory handling while parsing crafted XML files, which...
CVE-2024-41147
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-26618 affecting package erlang for versions less than 25.2-3
CVE-2025-26618 affecting package erlang for versions less than 25.2-3. A patched version of the package is available...