Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A check on the count value of channel specifications is added to prevent out-of-bounds reads. This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g when the count value of channel...

CVE-2021-0978

In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed...

PT-2025-52986

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iwlwifi component, specifically in the iwl mvm max amsdu size function. This issue arises when handling Multiple Logical LANs MLO, where...

EUVD-2018-11967

Malware in sbrugna...

EUVD-2022-25553

Malicious code in bioql PyPI...

EUVD-2023-3122

Malicious code in bioql PyPI...

EUVD-2023-25500

Malicious code in bioql PyPI...

EUVD-2023-25469

Malicious code in bioql PyPI...

EUVD-2023-41369

Malicious code in bioql PyPI...

EUVD-2023-25484

Malicious code in bioql PyPI...

EUVD-2022-25564

Malicious code in bioql PyPI...

EUVD-2023-25485

Malicious code in bioql PyPI...

EUVD-2023-25486

Malicious code in bioql PyPI...

EUVD-2023-25504

Malicious code in bioql PyPI...

EUVD-2023-37279

Malicious code in bioql PyPI...

SUSE CVE-2025-47871

Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to properly validate channel membership when retrieving playbook run metadata, allowing authenticated users who are playbook members but not channel members to access sensitive informatio...

CVE-2024-42406

Mattermost versions 9.11.x = 9.11.0, 9.10.x = 9.10.1, 9.9.x = 9.9.2 and 9.5.x = 9.5.8 fail to properly authorize requests when viewing archived channels is disabled, which allows an attacker to retrieve post and file information about archived channels. Examples are flagged or unread posts as wel...

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVE-2023-37482

CVE-2023-37482 affects Siemens SIMATIC web servers (e.g., SIMATIC S7-1200/1500 family). The vulnerability stems from login response timing not being normalized, enabling an unauthenticated remote attacker to perform user enumeration by distinguishing valid vs. invalid usernames via a side channel...