CVE-2025-40248

CVE-2025-40248 affects the Linux kernel vsock connect path, where signaling/timeout handling can race with established sockets, potentially causing use-after-free, sockmap state issues and linger behavior. Public advisories (MGASA-2026-0018 and vendor advisories) confirm a fix in kernel versions ...

CVE-2025-66220 Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy’s mTLS certificate matcher for matchtypedsubjectaltnames may incorrectly treat certificates containing an embedded null byte \0 inside an OTHERNAME SAN value as valid matches...

CLSA-2025-1764688910 binutils: Fix of CVE-2025-0840

CVE-2025-0840: fix stack-based buffer overflow in disassemblebytes function...

EUVD-2025-200211

Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes...

AZL-71311 CVE-2025-10543 affecting package influxdb for versions less than 2.7.5-10

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

Malicious code in bytes-to-x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d19001ff544a780ecb8d28a32f64cdd826bdeeef576c1350b61b5c699d30029 The package bytes-to-x was found to contain malicious code. Source: ghsa-malware 0c7ce92280ddc3448a5bcc7c44e7807c8e4b4226449cc6de80708d7d48b7970e Any...

MAL-2025-191080 Malicious code in bytes-to-x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d19001ff544a780ecb8d28a32f64cdd826bdeeef576c1350b61b5c699d30029 The package bytes-to-x was found to contain malicious code. Source: ghsa-malware 0c7ce92280ddc3448a5bcc7c44e7807c8e4b4226449cc6de80708d7d48b7970e Any...

EUVD-2025-199182

Malicious code in bytes-to-x npm...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

TencentOS Server 4: python3.12 (TSSA-2025:0530)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0530 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

[SECURITY] Fedora 41 Update: rust-get-size2-0.7.1-1.fc41

Determine the size in bytes an object occupies inside RAM...

CVE-2025-60695

A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...

CVE-2025-64429

A vulnerability was found in DuckDB’s database encryption design. In certain situations, DuckDB could generate encryption keys using a weak random number generator, fail to reliably wipe keys from memory, accept manipulated database headers that disable integrity protection, or miss detecting...

SUSE CVE-2025-57812

CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and including 1.28.17...

Siemens SIMATIC S7-1500 Use of Insufficiently Random Values (CVE-2020-11501)

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

DEBIAN-CVE-2025-64503

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In cups-filters prior to 1.28.18, by crafting a PDF file with a large MediaBox value, an attacker can cause CUPS-Filter 1.x’s pdftoraster tool to...

PYSEC-2025-112

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...

CVE-2025-64503 [BIGSLEEP-434615384] cups-filters 1.x: out of bounds write in pdftoraster

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In cups-filters prior to 1.28.18, by crafting a PDF file with a large MediaBox value, an attacker can cause CUPS-Filter 1.x’s pdftoraster tool to...

CVE-2025-40126 sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC

In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respectiv...

CVE-2025-40126

CVE-2025-40126 affects the Linux kernel (sparc/UltraSPARC) where a faulty exception handling path in copy_from_user and copy_to_user could affect the return value in faulting scenarios. The referenced commit added exception handlers for user-space memory references and incorrectly calculated the ...