MiracleLinux 8 : java-17-openjdk-17.0.8.0.7-2.el8 (AXSA:2023-6263:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6263:12 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

ROS-20260120-7362

A vulnerability in the loadmicrocodeamd function of the Linux kernel is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7309

A vulnerability in the net/sched/schsfq.c component of the Linux operating system kernel is related to unchecked array indexing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-71086

Technical details for CVE-2025-71086 are not publicly available in the provided documents. Monitor for updates from official advisories; the initial description mentions a Linux kernel fix in net rose_kill_by_device but no product/version specifics are provided here.

ROS-20260113-7390

A vulnerability in the drivers/us module ucsiccgsynccontrol of the Linux kernel is related to unchecked array indexing. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

ROS-20260112-7307

A vulnerability in the smuv130updatepcieparameters function of the drivers/gpu/drm/amd/pm/swsmu/smu13/smuv130.c module, a driver to support the Direct Rendering Infrastructure DRI of AMD graphics cards in the Linux operating system kernel, is related to unchecked array indexing. Exploitation of t...

ROS-20251216-7309

Vulnerability in guacamole-server related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20251216-7308

Vulnerability in guacamole related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

PT-2025-49309

Name of the Vulnerable Software and Affected Versions BACnet Protocol Stack versions prior to 1.5.0.rc2 Description The BACnet Protocol Stack library contains flaws in the npdu is expected reply function within src/bacnet/npdu.c. This function does not properly validate the existence of Applicati...

JLSEC-2025-101 FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcode...

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbsav1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in...

EUVD-2024-0177

Malicious code in bioql PyPI...

EUVD-2023-47185

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: use arrayindexnospec with indices that come from guest min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks...

SUSE CVE-2025-39818

In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save Improper use of secondary pointer &dev-i2csubipregs caused kernel crash and out-of-bounds error: BUG: KASAN: slab-out-of-bounds in...

CVE-2025-39818

In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save Improper use of secondary pointer &dev-i2csubipregs caused kernel crash and out-of-bounds error: BUG: KASAN: slab-out-of-bounds in...

The vulnerability of embedded software developed by Qualcomm, related to unverified array indexing, allows a hacker to execute arbitrary code.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of the diNewExt() function in the fs/jfs/jfs_imap.c module of the JFS file system support in Linux kernel allows a attacker to cause a service failure.

The vulnerability of the diNewExt function in the fs/jfs/jfsimap.c module of the Linux file system support library is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the dbAdjTree() function in the fs/jfs/jfs_dmap.c module of the JFS file system support module in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the dbAdjTree function in the fs/jfs/jfsdmap.c module of the JFS file system support in Linux’s operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the function ieee80211_get_rate_duration() in the net/mac80211/airtime.c module of the mac80211 stack in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ieee80211getrateduration function in the net/mac80211/airtime.c module of the mac80211 stack in the Linux operating system is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the mgb4_cmt_set_vin_freq_range() function in the drivers/media/pci/mgb4/mgb4_cmt.c module of the Linux kernel allows a hacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the mgb4cmtsetvinfreqrange function in the drivers/media/pci/mgb4/mgb4cmt.c module of the Linux kernel is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of protected information...