264 matches found
EUVD-2023-58930
Malicious code in bioql PyPI...
CVE-2025-39861 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...
CVE-2025-39861 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...
CVE-2025-39861
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...
kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...
vhost_task: Handle SIGKILL by flushing work and exiting
...
Linux Distros Unpatched Vulnerability : CVE-2025-30219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and...
kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...
kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...
at.ganzleicht.vaadin:vaadin-server (>=9.1.1 <=9.1.3), br.com.thiagomoreira.liferay.plugins.fix-virtual-host-app:fix-virtual-host-hook (>=2.0.0 <=5.1.0) +663 more potentially affected by CVE-2025-43740 via com.liferay.portal:com.liferay.portal.kernel (>=100.0.0 <=9.4.0)
com.liferay.portal:com.liferay.portal.kernel MAVEN version =100.0.0, =9.1.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =0.0.2.RELEASE, =1.0.0.RELEASE - com.gitee.pif...
AlmaLinux 8 : kernel-rt (ALSA-2025:13961)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:13961 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: netsched: ets: Fix double list add in class with netem as child...
Linux Distros Unpatched Vulnerability : CVE-2025-22083
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vhost-scsi: Fix handling of multiple calls to vhostscsisetendpoint If vhostscsisetendpoint is called multiple times without a vhostscsiclearendpoint between...
Linux Distros Unpatched Vulnerability : CVE-2025-38250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file...
Linux Distros Unpatched Vulnerability : CVE-2019-14835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs,...
CVE-2023-28346
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc. despite Virtual Host Routing being used to block this access. Remote attackers can interact wit...
CVE-2021-43437
In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. Thi...
CVE-2021-35492
Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this...
BIT-RABBITMQ-2025-30219 RabbitMQ has XSS Vulnerability in an Error Message in Management UI
RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...
DEBIAN-CVE-2025-30219
RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...
AZL-59276 CVE-2025-30219 affecting package rabbitmq-server for versions less than 3.11.24-3
RabbitMQ is a messaging and streaming broker. Versions prior to 4.0.3 are vulnerable to a sophisticated attack that could modify virtual host name on disk and then make it unrecoverable with other on disk file modifications can lead to arbitrary JavaScript code execution in the browsers of...