EUVD-2025-10268

Malicious code in bioql PyPI...

EUVD-2025-14108

Malicious code in bioql PyPI...

EUVD-2025-13962

Malicious code in bioql PyPI...

EUVD-2021-30246

Malicious code in bioql PyPI...

EUVD-2022-15415

Malicious code in bioql PyPI...

EUVD-2023-46939

Malicious code in bioql PyPI...

EUVD-2022-24757

Malicious code in bioql PyPI...

EUVD-2023-47185

Malicious code in bioql PyPI...

RHEL 8 : Satellite 6.15.5.4 Async Update (Important) (RHSA-2025:15643)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15643 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

PT-2025-40879

Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description An issue exists in decoding OpenEXR files that use DWAA or DWAB compression. The software makes an assumption that all image channels have the same pixel type and size, specifically expecting "B", "G",...

SUSE-SU-2025:02883-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

SUSE-SU-2025:02871-1 Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001039 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351. -...

Linux Distros Unpatched Vulnerability : CVE-2025-38267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARNON due to a commitoverrun When reading a memory mapped buffe...

CVE-2025-47219

CVE-2025-47219 affects GStreamer isomp4 plugin (qtdemux_parse_trak) reading past the end of a heap buffer during MP4 parsing, up to GStreamer 1.26.1. Debian LTS and Astra Linux reports fixed packages: gst-plugins-good1.0 1.18.4-2+deb11u4 (Debian 11) and related updates in Amazon Linux 2 (gst-plug...

Linux Distros Unpatched Vulnerability : CVE-2021-47477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Alloca...

CVE-2025-50464

The CVE-2025-50464 affects iptime NAS firmware v1.5.04. The issue is a pre-authentication buffer overflow in the upload.cgi module caused by unsafe use of strcpy to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (8 bytes). This can be exploited befo...

CVE-2025-38314

CVE-2025-38314 affects the Linux kernel’s virtio-pci admin command path. The issue was that virtio_pci_admin_dev_parts_get() reported a result size 8 bytes larger than the actual data because result_sg_size was filled with virtqueue_get_buf() length (data + 8 bytes status). The oversized size cou...

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

CVE-2025-38086 net: ch9200: fix uninitialised access during mii_nway_restart

In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called "buff", which is initialised with...

The vulnerability of the httpGetEnv() function in TP-Link TL-WR940N router software allows a hacker to cause a service failure.

The vulnerability of the httpGetEnv function in TP-Link TL-WR940N router software lies in the fact that the operation is executed outside the buffer in memory when processing the dnsserver1 parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a...