27 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: pNFS: Fixed an issue where uninitialized pointers were dereferenced. The error occurs during the third attempt to encode extents. When the function exttreepreparecommit reallocates a larger buffer to retry encoding extents, th...
Siemens SIMATIC S7-1500 Use of Uninitialized Resource (CVE-2025-38691)
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the layoutupdatepages page array...
EUVD-2023-59776
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-38691
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
AZL-73920 CVE-2025-38691 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
AZL-66800 CVE-2025-38691 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
UBUNTU-CVE-2025-38691
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
CVE-2025-38691 pNFS: Fix uninited ptr deref in block/scsi layout
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the "layoutupdatepages" page arr...
BIT-LIBPYTHON-2023-40217
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...
SUSE-SU-2025:02297-1 Security update for python36
This update for python36 fixes the following issues: - CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 - CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...
PT-2025-35964
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the pNFS block/scsi layout implementation. The issue arises from a dereference of uninitialized pointers within the ext tree free commitdata function...
CVE-2025-21462
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit...
AZL-60358 CVE-2025-21905 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...
CVE-2025-1861
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...
AZL-59306 CVE-2025-1861 affecting package php for versions less than 8.1.32-1
In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...
SUSE CVE-2022-49292
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...
CVE-2022-49292
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...
Silicon Labs RS9116 安全漏洞
The Silicon Labs RS9116 is a family of SoCs and modules from Silicon Labs, Inc. that provide comprehensive 2.4/5 GHz Wi-Fi and dual-mode Bluetooth 5 wireless connectivity. A security vulnerability exists in the Silicon Labs RS9116, which stems from a limitation on the size of packets in the L2CAP...
Heap-based Buffer Overflow
Overview curl-cffi is a python binding for curl-impersonate via cffi. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the SOCKS5 proxy handshake process when the hostname is longer than the target buffer and larger than 255 bytes. The local variable...