UBUNTU-CVE-2022-49863

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when testing as following: a use syscallNRsocket, 0x10ul, 3ul, 0 to create netlink socket. b use syscallNRsendmsg, ... to create bond li...

DEBIAN-CVE-2025-37781

In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by...

CVE-2022-49863 can: af_can: fix NULL pointer dereference in can_rx_register()

In the Linux kernel, the following vulnerability has been resolved: can: afcan: fix NULL pointer dereference in canrxregister It causes NULL pointer dereference when testing as following: a use syscallNRsocket, 0x10ul, 3ul, 0 to create netlink socket. b use syscallNRsendmsg, ... to create bond li...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-1976link is external Broadcom Brocade Fabric OS Code Injection Vulnerability CVE-2025-42599link is external Qualitia Active! Mail Stack-Based Buffer Overflow...

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials through the TokenReview API and PolicyBinding resource. An attacker can escalate privileges and potentially access sensitive data by exploiting the improper validation of service account tokens and...

CVE-2025-32792

CVE-2025-32792 affects SES’s isolation in the Compartment API. Before 1.12.0, web pages/extensions that used top-level const/let/class bindings in scripts could leak those bindings into the lexical scope of evaluated third-party code. The issue is fixed in SES 1.12.0; mitigations include avoiding...

ses's global contour bindings leak into Compartment lexical scope

Impact Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a tag will have inadvertently revealed these bindings in the lexical scope...

UBUNTU-CVE-2025-22109

In the Linux kernel, the following vulnerability has been resolved: ax25: Remove broken autobind Binding AX25 socket by using the autobind feature leads to memory leaks in ax25connect and also refcount leaks in ax25release. Memory leak was detected with kmemleak:...

CVE-2025-22109

In the Linux kernel, the following vulnerability has been resolved: ax25: Remove broken autobind Binding AX25 socket by using the autobind feature leads to memory leaks in ax25connect and also refcount leaks in ax25release. Memory leak was detected with kmemleak:...

Vulnerabilities fixed in Oracle Communications

Oracle has fixed several vulnerabilities in Oracle Communications products, including Cloud Native Core and Policy Management. The vulnerabilities in Oracle Communications products allow unauthenticated attackers to gain unauthorized access to sensitive data and can lead to denial-of-service DoS...

vsock: Keep the binding until socket destruction

...

Grafana Tempo Operator Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

GHSA-5XF3-GMX4-529V Grafana Tempo Operator Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be...

CVE-2025-2842

Summary: CVE-2025-2842 affects the Tempo Operator when the Jaeger UI Monitor Tab is enabled. The operator creates a ClusterRoleBinding for the Tempo instance’s service account to grant the cluster-monitoring-view role, enabling a user with modest permissions (e.g., create on TempoStack and get on...

Missing Critical Step in Authentication

Overview lollms is a python library for AI personality definition Affected versions of this package are vulnerable to Missing Critical Step in Authentication due to a missing checkaccess call in the installbinding function. An attacker can add, modify, and remove bindings by accessing the...

CVE-2024-11302 Missing check_access in lollms_binding_infos in parisneo/lollms

A missing checkaccess function in the lollmsbindinginfos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitrarily. This vulnerability affects the /installbinding and /reinstallbinding endpoints, among others, enabling unauthorized...

CVE-2024-11302 Missing check_access in lollms_binding_infos in parisneo/lollms

A missing checkaccess function in the lollmsbindinginfos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitrarily. This vulnerability affects the /installbinding and /reinstallbinding endpoints, among others, enabling unauthorized...

CVE-2024-11302

The CVE-2024-11302 entry concerns parisneo/lollms, specifically the lollms_binding_infos module in version V14. A missing check_access() allows an attacker to add, modify, and remove bindings via endpoints such as /install_binding and /reinstall_binding, enabling unauthorized access to binding se...

PT-2025-12365

Name of the Vulnerable Software and Affected Versions kcp versions prior to 0.26.3 Description The issue allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources, even if there is no APIBinding in that workspace or the...

Signature Confusion Attack

simplesamlphp/saml2 is vulnerable to a Signature Confusion Attack. The vulnerability is due to improper validation in the HTTP-Redirect binding, which allows an attacker with any signed SAMLResponse to trick the application into accepting an unsigned message...