10971 matches found
BIT-LIBPHP-2024-1874 Command injection via array-ish $command parameter of proc_open()
In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...
kernel: x86/CPU/AMD: Terminate the erratum_1386_microcode array
A flaw was found in the AMD CPU erratum handling code in the Linux kernel. The erratum_1386_microcode array lacked a proper terminator, which could cause the x86_match_cpu_with_stepping function to read beyond the end of the array. This results in undefined behavior during CPU feature detection and...
Linux Distros Unpatched Vulnerability : CVE-2023-52804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there is currently no validity...
Linux Distros Unpatched Vulnerability : CVE-2024-27388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add...
Linux Distros Unpatched Vulnerability : CVE-2025-39728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init With UBSAN_ARRAY_BOUNDS=y, I'm hitting the bel...
Linux Distros Unpatched Vulnerability : CVE-2025-37751
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the...
Linux Distros Unpatched Vulnerability : CVE-2025-38395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. But the memory is allocate...
Linux Distros Unpatched Vulnerability : CVE-2022-50167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: fix potential 32-bit overflow when accessing ARRAY map element If BPF array map is bigger than 4GB, element pointer calculation can overflow because both...
Linux Distros Unpatched Vulnerability : CVE-2024-38587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAY_SIZE bug The buf pointer is an array of u16 values. This code...
Linux Distros Unpatched Vulnerability : CVE-2022-48927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: adc: tsc2046: fix memory corruption by preventing array overflow On one side we have...
K000152931: Multiple PostgreSQL vulnerabilities
Security Advisory Description CVE-2023-2455 Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other...
CVE-2025-54645
Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability...
Linux Distros Unpatched Vulnerability : CVE-2025-38257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/pkey: Prevent overflow in size calculation for memdup_user Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via...
Linux Distros Unpatched Vulnerability : CVE-2021-28660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from th...
Linux Distros Unpatched Vulnerability : CVE-2021-47065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtw_get_tx_power_params Using a kernel with the Undefined Behaviour...
Linux Distros Unpatched Vulnerability : CVE-2025-38198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the store_modes sysfs node will run afoul of unregistered consoles...
Linux Distros Unpatched Vulnerability : CVE-2024-57983
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions...
The vulnerability of embedded software developed by Qualcomm, related to unverified array indexing, allows a hacker to execute arbitrary code.
A vulnerability in the firmware of embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow attackers to execute arbitrary code...
EU Digital Regulation and Guatemala: AI, 5G, and Cybersecurity
The paper examines how EU rules in AI, 5G, and cybersecurity operate as transnational governance and shape policy in Guatemala. It outlines the AI Act's risk approach, the 5G Action Plan and Security Toolbox, and the cybersecurity regime built on ENISA, NIS2, the Cybersecurity Act, and the Cyber...
Linux Distros Unpatched Vulnerability : CVE-2019-11707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware ...