Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check on the callback function pointer before its call. In dpucoreirqcallbackhandler, the pointer pointing to the callback function is checked to be NULL. However, the callback function is then called...

Can Open-Source LLM Agents Replace Static Application Security Testing Tools? an Empirical Assessment

This paper explores the value of agentic AI tools for cybersecurity purposes. We evaluate the efficacy of a general-purpose GenAI Large Language Model- GenAI- based agent when powered by three different Ollama-hosted general-purpose open source models. We assess each agent's performance using...

AMD uProf 安全漏洞

AMD uProf is a cross-platform performance analysis tool developed by AMD, Inc. for AMD processor architecture. AMD uProf has a security vulnerability; this vulnerability stems from unlimited resource allocation, which may lead to excessive consumption of system resources and resulting in usabilit...

CVE-2026-43432

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

CVE-2026-43432

CVE-2026-43432 relates to the Linux kernel USB xHCI driver. The error path in usb/xhci_disable_slot() previously freed only the command structure (via kfree), leaking the associated completion structure. The patch changes the code to call xhci_free_command() , which frees both the command structu...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It is possible for cpread and hdmiread to return -EIO. These values are further used as indexes to access arrays. The issue was fixed by checking t...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

[SECURITY] Fedora 44 Update: pspp-2.1.1-5.fc44

PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...

MetInfo CMS 8.1 XML Endpoint Behavior Analysis Tool

This script is a PHP-based analysis tool designed to interact with MetInfo CMS 8.1 endpoints through an XML-based interface. It uses cURL to send structured requests to a specific MetInfo module endpoint and evaluates the HTTP responses for basic fingerprinting indicators such as known keywords a...

parseusbs 操作系统命令注入漏洞

Parseusbs is a USB-connected recording and forensic analysis tool developed by Khyrenz Ltd. Versions of Parseusbs prior to 1.9 contained a vulnerability related to operating system command injection. This vulnerability arose from the fact that the volume list path parameters were passed directly ...

parseusbs 操作系统命令注入漏洞

Parseusbs is a USB connection recording and forensic analysis tool developed by Khyrenz Ltd. Versions of Parseusbs prior to 1.9 contained an operating system command injection vulnerability. This vulnerability stemmed from the LNK file path being passed to the os.popen shell command without prope...

MemProcFS 代码问题漏洞

MemProcFS is a physical memory virtual file system analysis tool developed by Ulf Frisk. Versions of MemProcFS prior to 5.17 contained code vulnerabilities. These vulnerabilities stemmed from multiple insecure library loading patterns, which could lead to DLL and shared library hijacking, allowin...

AWStats 安全漏洞

AWStats is a log analysis tool developed by eldy, a personal developer. This software supports the analysis of web site logs on all operating systems such as IIS 5.0 and Apache. It can analyze logs from web, WAP, proxy, streaming servers, FTP, and mail servers. AWStats 8.0 has a security...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21736)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21736 advisory. - In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in...

EUVD-2025-36981

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...

UBUNTU-CVE-2023-53661

In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxtgetnvramdirectory The value of an arithmetic expression is subject of possible overflow due to a failure to cast operands to a larger data type before performing arithmetic. Used macro for multiplicati...

EUVD-2022-54504

Malicious code in bioql PyPI...

EUVD-2023-0289

Malicious code in bioql PyPI...

EUVD-2025-9406

Malicious code in bioql PyPI...

EUVD-2024-53348

Malicious code in bioql PyPI...