57 matches found
CVE-2026-29649
NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] (CBIE/CBCFE/CBZE-related fields) is incorrectly masked/updated based on menvcfg[7:4], so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...
NEMU Security Vulnerability
NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability, which stems from implementation defects in the RISC-V Hypervisor CSR. This defect may lead to incorrect virtualization configuration execution, causing unexpected traps or denial-of-service...
FreeBSD : powerdns-recursor -- Denial of Service (67793feb-0b5b-11f1-a1c0-0050569f0b83)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 67793feb-0b5b-11f1-a1c0-0050569f0b83 advisory. PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial o...
CVE-2025-59029 Internal logic flaw in cache management can lead to a denial of service in PowerDNS Recursor
An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then sending a query with qtype set to ANY...
CVE-2025-59029
An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then sending a query with qtype set to ANY...
PowerDNS Recursor DoS Vulnerability (2025-07)
PowerDNS Recursor is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989506)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989506 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show. The function c_show was called with protecti...
EUVD-2019-19028
Malware in sbrugna...
EUVD-2011-1329
Malware in sbrugna...
PT-2025-40955
Name of the Vulnerable Software and Affected Versions: Dovecot IMAP Server versions 2.4.0 through 2.4.1. Description: When cache is enabled, some passdb/userdb drivers incorrectly cache all users with the same cache key, leading to incorrect cached information being used. After a successful cached...
EUVD-2023-30280
Malicious code in bioql PyPI...
Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable to Improper Cache Management. (CVE-2025-1348)
Summary: IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed an Improper Cache Management vulnerability. Vulnerability Details: CVEID: CVE-2025-1348. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow a local user to obtain sensitive information from a user’s w...
CVE-2023-26460
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621). CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981)...
EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2025-1552)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server...
Alibaba Cloud Linux 3 : 0083: bind (ALINUX3-SA-2023:0083)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0083 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2795: By flooding the target...
CVE-2022-49882
In the Linux kernel, the following vulnerability has been resolved: KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache. Reject kvm_gpc_check() and kvm_gpc_refresh() if the cache is inactive. Not checking the active flag during refresh is particularly egregious, as KVM can end up with a vali...
Authentication Bypass
github.com/mattermost/mattermost-server is vulnerable to an Authentication Bypass. The vulnerability is due to inadequate cache management during the user-to-bot conversion process, which allows an attacker to log in to the bot once using the original user credentials by bypassing normal...