Linux Distros Unpatched Vulnerability : CVE-2022-50812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer...

PT-2025-54024

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc7-build3+ 701 Description A flaw exists in the Linux kernel's rxrpc subsystem related to call timeouts. Specifically, the issue occurs when a call is stalled while waiting for a connection, potentially...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992357 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: 1...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rxrpc initiating a call timer when a channel is not allocated, which could result in a null pointer...

PT-2025-54203

Name of the Vulnerable Software and Affected Versions RustFS versions prior to 1.0.0-alpha.77 Description RustFS, a distributed object storage system built in Rust, uses a hardcoded static token, "rustfs rpc", for gRPC authentication in versions prior to 1.0.0-alpha.77. This token is publicly...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly configured CONFIGZEROCALLUSEDREGS configuration, which could result in a null pointer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992639)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992639 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifsserverdbg implies server to be non-NULL so...

EUVD-2025-205640

Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a special federation name and characters treated special by asterisk can be injected into the Dial...

CVE-2025-69205

The CVE-2025-69205 entry affects Micro Registration Utility (µURU), a telephony self-registration tool built on top of Asterisk. The vulnerability occurs in versions up to commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, where an attacker can craft a special federation name containing characters ...

CVE-2025-69205 In µURU, a Specially Crafted Federation Name Allows Dialplan Injection

Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a special federation name and characters treated special by asterisk can be injected into the Dial...

CVE-2025-69205 In µURU, a Specially Crafted Federation Name Allows Dialplan Injection

Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a special federation name and characters treated special by asterisk can be injected into the Dial...

PT-2025-53800

Name of the Vulnerable Software and Affected Versions Micro Registration Utility µURU versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893 Description The Micro Registration Utility µURU, a telephone self registration utility based on asterisk, contains a flaw due to...

Micro User Registration Utility 注入漏洞

Micro User Registration Utility is a telephone auto-registration tool by olel individual developers. An injection vulnerability exists in the Micro User Registration Utility that stems from improper input validation leading to the injection of specially crafted characters, which could lead to cal...

CVE-2025-2155

Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion.This issue affects Specto CM: before 17032025...

SUSE CVE-2023-54108

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that's delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple's Gatekeeper checks. "Unlike earlier MacSync Stealer variant...

EUVD-2025-205227

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUPCREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...

CVE-2025-2155

Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion. This issue affects Specto CM: before 17032025...

CVE-2025-2154

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Stored XSS. This issue affects Specto CM: before 17032025...

EUVD-2025-205285

Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion.This issue affects Specto CM: before 17032025...