EUVD-2026-32878

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

📄 Craft CMS 5.0 Logic Flaw

A flaw in the Craft CMS image transform endpoint allows an unauthenticated attacker to trigger backend processing without prior authentication. While the original Metasploit module targeted remote code execution, this proof of concept does not execute code, does not write files, and does not inje...

SUSE SLES15 Security Update : kernel (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:03566-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03566-1 advisory. This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched:...

SUSE-SU-2025:20830-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_8

This update for kernel-livepatch-MICRO-6-0-RTUpdate8 fixes the following issues: - CVE-2025-38089: sunrpc: handle SVCGARBAGE during svc auth processing as auth error bsc1245509 - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...

SUSE-SU-2025:20813-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing bsc1237048 - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744 - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket...

RockyLinux 9 : kernel (RLSA-2025:11411)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11411 advisory. kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: sunrpc: handle SVCGARBAGE during svc auth processing as auth error CVE-2025-380...

kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error

A flaw was found in the Linux kernel, where a specially crafted RPC packet could cause data corruption or trigger a system panic. This flaw allows a remote attacker who can make RPC calls to send an intentionally malformed packet, potentially compromising system integrity or causing a denial of...

kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error

A flaw was found in the Linux kernel, where a specially crafted RPC packet could cause data corruption or trigger a system panic. This flaw allows a remote attacker who can make RPC calls to send an intentionally malformed packet, potentially compromising system integrity or causing a denial of...

DEBIAN-CVE-2018-7750

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as...