Malicious code in cflashfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d8c5174968b7dedf000076201fe6446018aa61048b6a77fc8bc42e16bb796fd9 Malicious clone of legitimate fsspec package. The code was modified to exfiltrate specific files on import. --- Category: MALICIOUS - The campaign has clearly...

CLSA-2026-1768589696 ImageMagick: Fix of CVE-2025-55160

CVE-2025-55160: fix function pointer type mismatch in Clone functions...

MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

MiracleLinux 9 : git-2.43.5-1.el9_4 (AXSA:2024-8465:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8465:07 advisory. git: Recursive clones RCE CVE-2024-32002 git: RCE while cloning local repos CVE-2024-32004 git: additional local RCE CVE-2024-32465 git: insecure...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000570 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000875)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000875 advisory. Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003628 advisory. In skclonelock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution...

CVE-2025-68963

Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001826)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001826 advisory. Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002108 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002099 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001894 advisory. The clonemnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNTREADONLY flag, which allows local users to bypa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002188 advisory. The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001804 advisory. fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002332 advisory. fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002436 advisory. The archduptaskstruct function in the Transactional Memory TM implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platfo...

CVE-2025-70744

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub65B5C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002312 advisory. Memory leak in the unshareuserns function in kernel/usernamespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service memory...

CVE-2025-68776

A flaw was found in the Linux kernel's High-availability Seamless Redundancy HSR networking component. This vulnerability occurs due to a missing NULL pointer check in the prpgetuntaggedframe function. An attacker could exploit this by triggering a scenario where a memory allocation fails, leadin...