CVE-2025-38515

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spscqueuepush and the run-job worker, in which spscqueuepush may return not-first while the run-job worker has already idled due to the jo...

Linux Distros Unpatched Vulnerability : CVE-2022-50090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize On zoned filesystem, data write out is limited by maxzoneappendsize, and a large ordered extent is...

Linux Distros Unpatched Vulnerability : CVE-2023-52527

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata Including the transhdrlen in length is a problem when the packet is partially filled e.g. something...

Linux Distros Unpatched Vulnerability : CVE-2025-32050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 Note that Nessu...

CLSA-2025-1753131065 libsoup: Fix of 7 CVEs

CVE-2025-32050: fix overflow in appendparamquoted - CVE-2025-32052: fix heap buffer overflow in soupcontentsniffersniff - CVE-2025-32053: fix heap buffer overflow in snifffeedorhtml - CVE-2025-32907: soup-message-headers: correct merge of ranges - CVE-2025-46420: fix leak in...

redis-check-aof may lead to stack overflow and potential RCE

...

DEBIAN-CVE-2025-38140

In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dmrevalidatezones only allowed new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would always equal...

DEBIAN-CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

CVE-2025-38141

CVE-2025-38141 is a Linux kernel use-after-free vulnerability in the device mapper reporting path. The issue stems from a race around reading md->zone_revalidate_map and the lifetime of zone resources during blk_revalidate_disk_zones() and dm_blk_report_zones() calls, potentially freeing resou...

SUSE CVE-2022-50090

In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize On zoned filesystem, data write out is limited by maxzoneappendsize, and a large ordered extent is split according the size of a bio. OTOH, the number of extents to be...

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14365)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server due to incorrect boundary checking in the APPEND component command handler. No detailed vulnerability details are provided at this time...

SUSE-SU-2025:20413-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...

Astra Linux – Vulnerability in mongo-c-driver

The bsonstringappend function in the MongoDB C Driver may be vulnerable to a buffer overflow. In this scenario, the function might attempt to allocate a buffer that is too small, which could lead to memory corruption in the neighboring heap memory. This issue affects versions of libbson prior to...

SUSE CVE-2025-6052

A flaw was found in how GLib's GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn't. As a result, data may be writte...

CVE-2024-44905

go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/appendvalue.go...

AZL-63912 CVE-2025-6052 affecting package glib for versions less than 2.78.6-3

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

CVE-2025-6052

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

CVE-2025-6052

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

OESA-2025-1639 yasm security update

Yasm is a complete rewrite of the NASM assembler under the “new” BSD License. Security Fixes: yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c.CVE-2024-22653...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection in the /types/appendvalue.go component. When a placeholder is directly preceded by a minus - and not separated by any whitespace, the library does not handle the particular case when a negative number is inserted for the...