CVE-2025-4953

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

CVE-2025-39812

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

podman: Build Context Bind Mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

Podman 安全漏洞

Podman is a Podman open source engine for developing, managing and running OCI containers on Linux systems. A security vulnerability exists in Podman that stems from RUN --mount=type=bind mounted data that is not discarded during a podman build, which could result in files created within the...

PT-2025-38004

Name of the Vulnerable Software and Affected Versions Podman affected versions not specified Description A flaw exists in Podman where data written to RUN --mount=type=bind mounts during the podman build process is not discarded. This can result in files created within the container appearing in...

Ubuntu: Security Advisory (USN-7739-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, visionOS 26, iOS 18.7 and iPadOS 18.7. A UDP server socket bound to a local interface may become bound to all interfaces...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

CVE-2025-43359

CVE-2025-43359 describes a logic issue in state management where a UDP server socket bound to a local interface may become bound to all interfaces. This could lead to exposure of network services. The vulnerability affects Apple platforms and is fixed in: tvOS 26, watchOS 26, macOS Sonoma 14.8, i...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

CVE-2022-50260

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Make .remove and .shutdown HW shutdown consistent Drivers' .remove and .shutdown callbacks are executed on different code paths. The former is called when a device is removed from the bus, while the latter is called at...

CVE-2022-50260 drm/msm: Make .remove and .shutdown HW shutdown consistent

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Make .remove and .shutdown HW shutdown consistent Drivers' .remove and .shutdown callbacks are executed on different code paths. The former is called when a device is removed from the bus, while the latter is called at...

WindowsRegistryRootkit

It is an offensive tool for Windows. This repository contains a kernel rootkit that resides within Windows registry value data, developed by Oleksiuk Dmytro aka Cr4sh. The rootkit exploits a zero-day vulnerability in win32k.sys, a Windows kernel-mode driver, through a buffer overflow in the...

gosec

This is a Go AST Abstract Syntax Tree scanner for identifying security vulnerabilities in Go code. The scanner is called "gosec" and is part of the GolangCI project. It can be installed using the command "go get github.com/golangci/gosec/cmd/gosec/...". The scanner can be configured to run a subs...

CVE-2025-57057

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

SUSE CVE-2025-38731

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix vmbindioctl double free bug If the argument check during an array bind fails, the bindops are freed twice as seen below. Fix this by setting bindops to NULL after freeing...

CVE-2025-57064

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57057

Tenda G3 firmware v3.0br_V15.11.0.17 contains a stack/buffer overflow in the ipMacBindListStore function’s listStr parameter due to improper input length validation. This can allow an attacker to cause a Denial of Service (DoS) with a crafted request. Documented details are corroborated by multip...

CVE-2025-57064

CVE-2025-57064 affects Tenda G3, specifically v3.0br_V15.11.0.17, which contains a stack overflow in the bindDhcpIndex parameter of the modifyDhcpRule function. The vulnerability can cause a Denial of Service (DoS) when a crafted request is sent. Exploitation details are not provided in the avail...

CVE-2025-57057

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...