51 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect the driver from buggy firmware When processing port up/down events generated by the device’s firmware, the driver attempts to protect itself from events reported for non-existent local ports. However, it...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989080)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989080 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986795)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986795 advisory. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated...
Malicious code in test-mlw2-buggy-undug-tires-knots (npm)
The package test-mlw2-buggy-undug-tires-knots was found to contain malicious code...
MAL-2025-35011 Malicious code in test-mlw2-buggy-undug-tires-knots (npm)
The package test-mlw2-buggy-undug-tires-knots was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2025-38346
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address:...
SUSE CVE-2025-38346
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE...
UBUNTU-CVE-2025-38346
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE...
Linux Distros Unpatched Vulnerability : CVE-2021-47560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from even...
SUSE CVE-2021-47560
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
CVE-2021-47560
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
CVE-2021-47560
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
CVE-2021-47560
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
UBUNTU-CVE-2021-47560
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
CVE-2021-47560 mlxsw: spectrum: Protect driver from buggy firmware
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
CVE-2021-47560
The CVE-2021-47560 issue affects the Linux kernel mlxsw: spectrum driver. When processing port up/down events from device firmware, the driver failed to bail out for CPU port 0 (local port 0), which exists but lacks a netdev, risking a NULL pointer dereference on netif_carrier_{on,off}(). The emb...
CVE-2021-47560 mlxsw: spectrum: Protect driver from buggy firmware
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not the CPU port local...
lp-wohnbau.de Cross Site Scripting vulnerability OBB-2730409
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-XPWW-G9JX-HP8R Miscomputed sha2 results when using AVX2 backend
The v0.9.7 release of the sha2 crate introduced a new AVX2-accelerated backend which was automatically enabled for all x86/x8664 CPUs where AVX2 support was autodetected at runtime. This backend was buggy and would miscompute results for long messages i.e. messages spanning multiple SHA blocks. T...
Possible exposure of information vulnerability in Action Pack
Impact Under certain circumstances response bodies will not be closed, for example a bug in a webserver https://github.com/puma/puma/pull/2812 or a bug in a Rack middleware. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for...