Astra Linux - уязвимость в ntp

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...

SUSE-SU-2025:4244-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...

EUVD-2021-23211

Malware in sbrugna...

EUVD-2025-20470

Malicious code in bioql PyPI...

EUVD-2024-33419

Malicious code in bioql PyPI...

EUVD-2023-30350

Malicious code in bioql PyPI...

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly...

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly...

CVE-2025-27050

CVE-2025-27050 describes a memory corruption (Use-After-Free-like behavior) occurring when processing an event close as a client process terminates abruptly, impacting Qualcomm chipsets (camera-related entry in CVE lists). The issue is triggered locally with low privileges and no user interaction...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption that occurs during event shutdown when handling sudden termination of a client process...

CVE-2025-21871 tee: optee: Fix supplicant wait loop

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop OP-TEE supplicant is a user-space daemon and it's possible for it be hung or crashed or killed in the middle of processing an OP-TEE RPC call. It becomes more complicated when there is incorre...

PT-2025-28447 · Qualcomm · Snapdragon +34

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Memory corruption occurs while processing event close when the client process terminates abruptly. Recommendations: At the moment, there is no information about a newer version that contains...

MikroTik RouterOs NULL Pointer Dereference (CVE-2021-36614)

Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference. This plugin only works with Tenable.ot. Please visit...

CVE-2023-26551

An out-of-bounds write flaw was found in the ntp package. A remote attacker can trigger this vulnerability by sending malicious data packets to the ntp server. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

CVE-2023-26553

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

Design/Logic Flaw

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service DoS by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted...

MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference Vulnerabilities

MikroTik RouterOS version 6.x suffers from having multiple null pointer dereference vulnerabilities and a reachable assertion failure MikroTik RouterOS 6.x Reachable Assertion Failure / Null Pointer Dereference Details ======= Product: MikroTik's RouterOS Vendor URL: https://mikrotik.com/ Vendor...

Command Execution Vulnerability in Omni-Directional PDF Converter

Full range of PDF Converter is a very powerful pdf conversion tool, support PDF documents into Word, Excel, PPT, pictures, text, HTML, Epub, XML. A full range of PDF Converter has a command execution vulnerability that can be exploited by an attacker to inject an executable DLL file into the clie...