CVE-2025-21613 affecting package packer for versions less than 1.9.5-5

CVE-2025-21613 affecting package packer for versions less than 1.9.5-5. A patched version of the package is available...

CVE-2024-56732 affecting package harfbuzz for versions less than 8.3.0-3

CVE-2024-56732 affecting package harfbuzz for versions less than 8.3.0-3. A patched version of the package is available...

CVE-2024-53580 affecting package iperf3 for versions less than 3.17.1-2

CVE-2024-53580 affecting package iperf3 for versions less than 3.17.1-2. A patched version of the package is available...

CVE-2024-52949 affecting package iptraf-ng for versions less than 1.2.2-1

CVE-2024-52949 affecting package iptraf-ng for versions less than 1.2.2-1. An upgraded version of the package is available that resolves this issue...

[SECURITY] Fedora 40 Update: rsync-3.4.0-1.fc40

Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

CVE-2024-57895

In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTRCTIME flags when setting mtime David reported that the new warning from setattrcopymgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...

CVE-2025-0435 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2024-55577

Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or cause the user...

CVE-2024-52006

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems mos...

CVE-2024-57647

An issue in the rowinsertcast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

SUSE CVE-2024-52333

An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-57839

In the Linux kernel, the following vulnerability has been resolved: Revert "readahead: properly shorten readahead when falling back to dopagecachera" This reverts commit 7c877586da3178974a8a94577b6045a48377ff25. Anders and Philippe have reported that recent kernels occasionally hang when used wit...

CVE-2024-57850

In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompress memory corruption The rtime decompression routine does not fully check bounds during the entirety of the decompression pass and can corrupt memory outside the decompression buffer if the compressed...

CVE-2024-45828

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RINGOPSTAT interrupt when the ring is being stopped. Depending on timing between ring stop request completion, interrupt...

CVE-2024-54455

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix general protection fault in ivpubolist Check if ctx is not NULL before accessing its fields...

CVE-2024-57804

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs The driver, through the SAS transport, exposes a sysfs interface to enable/disable PHYs in a controller/expander setup. When multiple PHYs are disabled and...

CVE-2024-52332

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igbinitmodule The pciregisterdriver can fail and when this happened, the dcanotifier needs to be unregistered, otherwise the dcanotifier can be called when igb fails to install, resulti...

CVE-2024-57807

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraidsas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock&instance-resetmutex; lock&shost-scanmutex; lock&instance-resetmutex;...

CVE-2024-49573

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXTBUDDY Adam reports that enabling NEXTBUDDY insta triggers a WARN in picknextentity. Moving clearbuddies up before the delayed dequeue bits ensures no -next buddy becomes delayed. Further ensure no new -next...