Alibaba Cloud Linux 3 : 0017: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0017)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0017 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-4696: There exists a use-after-free...

Alibaba Cloud Linux 3 : 0167: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2022:0167)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0167 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-3176: There exists a use-after-free in...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47248: udp: fix race between close and udpabort bsc1224867. CVE-2022-49051: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup bsc1237903. CVE-2022-4905...

kernel security update

3.10.0-1160.119.1.0.7 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices Benot Sevens CVE-2024-53197 Orabug: 37686305 - can: bcm: Fix UAF in bcmprocshow YueHaibing CVE-2023-52922 Orabug: 37686305 - HID: core: zero-initialize the report buffer Benot Sevens...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...

CVE-2025-27780

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...

CVE-2025-27778 Applio allows unsafe deserialization in infer.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in infer.py. The issue can lead to remote code execution. As of time of publication, a fix is available on the main branch of the Applio repository but not attached to a numbered release...

CVE-2025-27780 Applio allows unsafe deserialization in model_information.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in infer.py that could lead to remote code execution...

Applio 代码问题漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in modelinformation.py that could lead to remote code execution...

Applio 路径遍历漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in train.py, and could lead to the writing of arbitrary files on the Applio server, or in...

Applio 路径遍历漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in inference.py, and could lead to the writing of an arbitrary file on the Applio server, or ...

PT-2025-11964 · Applio +1 · Applio +1

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: Applio is a voice conversion tool vulnerable to unsafe deserialization in the model information.py file. The model name variable in model information.py accepts user-supplied input, such as ...

DEBIAN-CVE-2025-21862

In the Linux kernel, the following vulnerability has been resolved: dropmonitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .ownercpu: 0 CPU: 1 PID: 7995 Comm...

CVE-2022-49101

CVE-2022-49101 entry is rejected by the CVE Numbering Authority and does not represent an active vulnerability.

RHSA-2025:1335 Red Hat Security Advisory: RHUI 4.11 security, bugfix, and enhancement update

Bulletin has no description...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49035: media: s5pcec: limit msg.len to CECMAXMSGSIZE bsc1215304. CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234853. CVE-2024-53156: wifi:...

Joomla 3.9.x < 3.10.20 / 4.0.x < 4.4.10 / 5.0.x < 5.2.3 Joomla 5.2.3 Security & Bugfix Release (5919-joomla-5-2-3-security-bugfix-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.9.x prior to 3.10.20, 4.0.x prior to 4.4.10, or 5.0.x prior to 5.2.3. It is, therefore, affected by a vulnerability. - Improper Access Controls allows access to protected views. CVE-2024-40749 No...

UBUNTU-CVE-2024-56679

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp errors in otx2common.c Add error pointer check after calling otx2mboxgetrsp...

Fedora 41 : golang-github-chainguard-dev-git-urls / golang-github-task (2024-40d4ab1c94)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-40d4ab1c94 advisory. Bugfix to mitigate CVE-2023-46402 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...