CVE-2024-42644

FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0...

CVE-2024-42644

FlashMQ v1.14.0 contains an assertion failure in PublishCopyFactory::getNewPublish when the publish QoS > 0. This is a network-exploitable issue with high availability impact; CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. No patched version is provided in the sources; some references ...

Improper Verification of Cryptographic Signature

Overview @node-saml/node-saml is a SAML 2.0 implementation for Node.js Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via validatePostResponseAsync due to loading of the assertion from the unsigned original response document. An attacker can...

GHSA-4MXG-3P6V-XGQ3 Node-SAML SAML Signature Verification Vulnerability

Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any...

node-saml 安全漏洞

node-saml is a SAML library that does not depend on any framework running in Node.js. A security vulnerability exists in node-saml version 5.0.1 that stems from not properly validating SAML assertions, which could lead to an authentication bypass...

PT-2025-31149

Name of the Vulnerable Software and Affected Versions: Node-SAML versions 5.0.1 and below Description: Node-SAML improperly loads the assertion from the unsigned original response document, differing from the parts verified during signature checking. This allows modification of authentication...

SUSE CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

CVE-2025-38461 vsock: Fix transport_* TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

CVE-2025-38461 vsock: Fix transport_* TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

GHSA-M837-G268-MMV7 Node-SAML SAML Authentication Bypass

Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any...

Node-SAML SAML Authentication Bypass

Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any...

CVE-2025-38358

CVE-2025-38358 relates to a race in Linux kernel’s btrfs async reclaim path. The bug occurs when an ordered iput is delayed while BTRFS_FS_STATE_NO_DELAYED_IPUT is already set, triggering an assertion in btrfs_add_delayed_iput during close_ctree. The described scenario: async reclaim schedules wr...

CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...

PT-2025-30758 · Btrfs +1 · Btrfs +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to a race condition between the asynchronous reclaim worker and the close ctree function within the Btrfs filesystem. This issue arises from an...

CVE-2025-54369

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...

CVE-2025-54369 Node-SAML SAML Authentication Bypass

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...

K000152700: BIND vulnerability CVE-2025-40775

Security Advisory Description When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20...

curl: Use after free (or assert triggered) with failed allocations in openssl

Summary: summary of the vulnerability A heap use after free or assertion can be triggered if some allocations fail I am not sure you consider allocations failures to be part of security issues, and I am not sure the issue lies in curl or in openssl, but I still think you want something to be fixe...

CVE-2025-34142

An XML External Entity XXE injection vulnerability exists in ETQ Reliance on the CG legacy platform within the /resources/sessions/sso endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML responses to invoke external...

PT-2025-34401

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc6-syzkaller-00002-g155a3c003e55 Description: The Linux kernel contained a flaw in the netfilter bpf Berkeley Packet Filter functionality. Specifically, the nf hook run bpf function did not disable...