Brave Desktop 1.79.119 Security Fixes

Added a conditional host check in binding handlers as reported on HackerOne by newfunction. Upgraded Chromium to 137.0.7151.68 — refer to Google Chrome advisories for inherited CVEs...

CVE-2025-48387

tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside the specified dir with a specific tarball. This has been patched in versions 3.0.9, 2.1.3, and 1.16.5. As a workaround, use the ignore option to ignore n...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-372_118_1, kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, and kpatch-patch-4_18_0-372_91_1 security update

An update for kpatch-patch-4180-3721181, kpatch-patch-4180-3721311, kpatch-patch-4180-3721371, and kpatch-patch-4180-372911 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important....

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-553, kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, and kpatch-patch-4_18_0-553_40_1 security update

An update for kpatch-patch-4180-553, kpatch-patch-4180-553161, kpatch-patch-4180-553301, and kpatch-patch-4180-553401 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVS...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-477_67_1, kpatch-patch-4_18_0-477_81_1, and kpatch-patch-4_18_0-477_89_1 security update

An update for kpatch-patch-4180-477431, kpatch-patch-4180-477671, kpatch-patch-4180-477811, and kpatch-patch-4180-477891 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, and kpatch-patch-5_14_0-427_55_1 security update

An update for kpatch-patch-5140-427131, kpatch-patch-5140-427311, kpatch-patch-5140-427441, and kpatch-patch-5140-427551 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

RHEL 9 : kernel (RHSA-2025:8058)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8058 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock: Keep the binding until socket...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

CVE-2024-6040

In parisneo/lollms-webui version v9.8, the lollmsbindinginfos is missing the clientid parameter, which leads to multiple security vulnerabilities. Specifically, the endpoints /reloadbinding, /installbinding, /reinstallbinding, /unInstallbinding, /setactivebindingsettings, and /updatebindingsettin...

CVE-2024-49384

Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...

CVE-2024-48548

The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...

CVE-2024-48416

Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding...

CVE-2023-52240

The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 through 4.14.8 before 4.14.9, 5.0.0 through 5.11.4 before 5.11.5, and 6.0.0 through 6.19.0 before 6.20.0. The full product names are Kantega SA...

CVE-2023-45955

An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service via crafted write binding attribute commands...

CVE-2023-44013

Tenda AC10U v1.0 USAC10UV1.0RTLV15.03.06.49multiTDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function...

CVE-2023-21422

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService...

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

CVE-2022-29201

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments. In this case, references get bound to nullptr for each argument that is empty. Versions 2.9.0,...