PT-2025-49081
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.18.0-rc4+. Description: The devl_rate_nodes_destroy function in the Linux kernel did not correctly unset the parent pointer for rate objects, leading to a dangling pointer in the devlink_rate struct. This issue...
US Border Patrol Is Spying on Millions of American Drivers
Plus: The SEC lets SolarWinds off the hook, Microsoft stops a historic DDoS attack, and FBI documents reveal the agency spied on an immigration activist Signal group in New York City...
EUVD-2025-198271
@perfood/couch-auth may expose session tokens, passwords...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990381 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990024)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990024 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without...
CVE-2023-53551 usb: gadget: u_serial: Add null pointer check in gserial_resume
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport. And if a wakeup interrupt triggers afterwards, gserial_resume gets called, which will lead to...
EUVD-2023-51894
Malicious code in bioql PyPI...
EUVD-2023-59920
Malicious code in bioql PyPI...
RLSA-2025:16432 Moderate: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score,...
Horilla Cross-Site Scripting Vulnerability
Horilla is a free and open source human resources software from Horilla, Inc. A cross-site scripting vulnerability exists in Horilla version 1.3.0, which stems from user input in multiple fields in the Project and Task modules not being properly sanitized, and could lead to a stored cross-site...
UBUNTU-CVE-2023-53421
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats When blkg_alloc is called to allocate a blkcg_gq structure with the associated blkg_iostat_set's, there are 2 fields within blkg_iostat_set that requires proper...
CVE-2023-53387
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...
CVE-2025-59692
The CVE-2025-59692 issue affects PureVPN CLI 2.0.1 and GUI 2.10.0 on Linux. The root cause is that the VPN client mishandles firewalling by flushing existing iptables rules and applying default ACCEPT policies when connecting to a VPN server, thereby removing manually configured rules and rules f...
CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
CVE-2023-53356 usb: gadget: u_serial: Add null pointer check in gserial_suspend
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_suspend Consider a case where gserial_disconnect has already cleared gser->ioport. And if gserial_suspend gets called afterwards, it will lead to accessing of gser->ioport and th...
SUSE CVE-2023-53269
In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size could panic kernel easily. Make sure that block size is set correctly. Meantime if ublk_validate_params...
CVE-2023-53269
In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size could panic kernel easily. Make sure that block size is set correctly. Meantime if ublk_validate_params...
DEBIAN-CVE-2023-53181
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking on krealloc failure Currently dma_resv_get_fences will leak the previously allocated array if the fence iteration got restarted and the krealloc_array fails. Free the old array by hand, and make sure we...
CVE-2023-53181
Technical details for CVE-2023-53181 are not provided in the supplied documents. The visible text references a Linux kernel dma-buf leak fix but lacks specific product/version/subcomponent data. Monitor for updates.
Moderate: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...