MiracleLinux 9 : kernel-5.14.0-611.16.1.el9_7 (AXSA:2025-11625:100)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11625:100 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file...

kernel: tls: wait for pending async decryptions if tls_strp_msg_hold fails

A vulnerability was found in tlsdecryptsg in net/tls/tlssw.c in networking subsystem in the Linux Kernel.In this flaw, If it fails to clone of the input skb to hold the reference to the memory it uses may lead a use-after-free...

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

CVE-2018-9328

PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the terfrom or tag parameter to results.php...

CVE-2009-4858

Cross-site scripting XSS vulnerability in questiondetail.php in Yahoo Answers Clone allows remote attackers to inject arbitrary web script or HTML via the questionid parameter...

CVE-2021-28671

Xerox Phaser 6510 before 64.65.51 and 64.59.11 Bridge, WorkCentre 6515 before 65.65.51 and 65.59.11 Bridge, VersaLink B400 before 37.65.51 and 37.59.01 Bridge, B405 before 38.65.51 and 38.59.01 Bridge, B600/B610 before 32.65.51 and 32.59.01 Bridge, B605/B615 before 33.65.51 and 33.59.01 Bridge,...

CVE-2022-38947

SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in producttitle parameter, allows attackers to execute arbitrary code...

CVE-2022-37068

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal...

Malicious code in btcli-security (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b868f818b1a81f5fccee1967f70c3ff9d75c218d14ec09882c576a9c2c213e Package clones a legitimate bittensor-cli library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

MAL-2026-99 Malicious code in testingpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 577f9c1cdb7d3ef0e010cc9e292142a11f3a84a9f1ed42f238a920e7e9617b35 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

MAL-2026-53 Malicious code in gztensor-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

PT-2026-3763

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.62 Description The Linux kernel contained a flaw within the networking subsystem related to usercopy handling. Specifically, the skbuff fclone cache was initialized without defining a usercopy region, unlike...

SUSE CVE-2022-50784

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456...

SUSE CVE-2022-50817

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

SUSE CVE-2022-50843

In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clonedtr Dmclone also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in clonedtr...

Linux Distros Unpatched Vulnerability : CVE-2022-50843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm clone: Fix UAF in clonedtr Dmclone also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in clonedtr...

Linux Distros Unpatched Vulnerability : CVE-2022-50817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993208 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices...

EUVD-2023-60379

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...