56 matches found
CVE-2025-40280 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40280 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-40288 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40288 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-64329 affecting package containerd2 for versions less than 2.0.0-16
CVE-2025-64329 affecting package containerd2 for versions less than 2.0.0-16. A patched version of the package is available...
AZL-71404 CVE-2025-40264 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrbparams in case of OS2BMC beinsertvlaninpkt is called with the wrbparams argument being NULL at besendpkttobmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...
CVE-2025-59777 affecting package libmicrohttpd for versions less than 0.9.77-4
CVE-2025-59777 affecting package libmicrohttpd for versions less than 0.9.77-4. A patched version of the package is available...
CVE-2025-12480
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...
EUVD-2025-33671
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability...
EUVD-2025-24438
Malicious code in bioql PyPI...
CVE-2025-38348 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38348 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
Simplehelp 安全漏洞
SimpleHelp is a remote support software from SimpleHelp, Inc. A security vulnerability exists in Simplehelp versions prior to 5.5.11 that stems from vulnerability to cross-site request forgery attacks...
PAVO Pay 信任管理问题漏洞
PAVO Pay is a mobile payment management platform from PAVO Turkey. A trust management issue vulnerability exists in PAVO Pay versions prior to 13.05.2025, which stems from the use of hard-coded credentials that could result in reading sensitive constants...
AZL-59852 CVE-2025-22010 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer e.g. MR over 100GB is being allocated, it may require a considerable loop coun...
Adobe Acrobat < 20.005.30763 / 24.001.30235 / 25.001.20432 Multiple Vulnerabilities (APSB25-14)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 20.005.30763, 24.001.30235, or 25.001.20432. It is, therefore, affected by multiple vulnerabilities. - Access of Uninitialized Pointer CWE-824 potentially leading to Arbitrary code execution CVE-2025-27158,...
AZL-58375 CVE-2025-2137 affecting package nodejs18 18.20.3-11
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
AZL-57700 CVE-2025-0686 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted...
AZL-57401 CVE-2025-22869 affecting package moby-engine for versions less than 25.0.3-11
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
Tornado 安全漏洞
Tornado is a Python web framework and asynchronous networking library from the Chinese Tornado Technology Tornado community. The library scales to thousands of open connections through the use of non-blocking network I/O, making it well suited for long-time polling, WebSockets, and other...
AZL-49653 CVE-2024-45770 affecting package pcp for versions less than 6.3.2-1
A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
AZL-48466 CVE-2024-45492 affecting package expat for versions less than 2.6.3-1
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...
AZL-47871 CVE-2024-7868 affecting package cppcheck for versions less than 2.18.3-1
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...