36956 matches found
Unity Linux 20.1070e Security Update: python3 (UTSA-2025-993334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993334 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can b...
EUVD-2023-60392
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
CVE-2023-54249
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
CVE-2022-50817
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...
OESA-2025-2901 glib2 security update
GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A vulnerability was found in GNOME GLib...
CVE-2023-54249
The CVE concerns the Linux kernel component bus: mhi: ep. The issue arises when handling STOP and RESET commands: the system may send a -ENOTCONN status even if the client driver is not available, which could lead to a null pointer dereference. The available connected sources confirm this is a ke...
CVE-2023-54249 bus: mhi: ep: Only send -ENOTCONN status if client driver is available
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
CVE-2023-54249
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...
CVE-2022-50817 net: hsr: avoid possible NULL deref in skb_clone()
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check client driver availability, which could lead to null pointer dereferencing...
OPENSUSE-SU-2025:15850-1 python312-3.12.12-4.1 on GA media
These are all security issues fixed in the python312-3.12.12-4.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15852-1 trivy-0.68.2-1.1 on GA media
These are all security issues fixed in the trivy-0.68.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15848-1 python311-openapi-core-0.22.0-1.1 on GA media
These are all security issues fixed in the python311-openapi-core-0.22.0-1.1 package on the GA media of openSUSE Tumbleweed...
AZL-73234 CVE-2025-14180 affecting package php for versions less than 8.1.34-1
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
EUVD-2025-205486
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
CVE-2025-14180
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
CVE-2025-68938
A flaw was found in Gitea. An incorrect authorization allows an authenticated user with minimal privileges to delete project releases, causing a loss of availability of project assets and distribution history. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2025-68919
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality, integrity, and...
CVE-2025-57840
ADBAndroid Debug Bridge is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...