57 matches found
CLSA-2025-1751297888 Update of shim-signed
Make this package installable on a system having an either Cloudlinux or RHEL7 signed kernel - SBAT variables are used now...
PT-2026-38673
Name of the Vulnerable Software and Affected Versions cPanel versions prior to 11.136.0.9 cPanel versions prior to 11.136.1.10 WP Squared cPanel versions prior to 11.134.0.25 cPanel versions prior to 11.132.0.31 cPanel versions prior to 11.130.0.22 cPanel versions prior to 11.126.0.58 cPanel...
CLSA-2026-1777470383 less: Fix of 2 CVEs
Extend ELS coverage to rhel7els, oraclelinux7els and cloudlinux7els. - CVE-2022-48624 and CVE-2024-32487 were already fixed in 458-10.tuxcare.els1; this release reships those fixes to the additional platforms...
CVE-2025-65530
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...
EUVD-2025-203095
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...
CVE-2025-65530
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...
CVE-2025-65530
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...
CVE-2025-65530
An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...
CVE-2025-65530
CVE-2025-65530 describes an eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit, affecting versions prior to 32.7.4. The vulnerability enables attackers to overwrite arbitrary files as root by scanning a crafted file, as stated in Red Hat, ENISA, NVD, CIRCL, CVE List, and...
PT-2025-50945
Name of the Vulnerable Software and Affected Versions CloudLinux ai-bolit versions prior to 32.7.4 Description An eval injection exists in the malware de-obfuscation routines. This allows attackers to overwrite arbitrary files as root by scanning a crafted file. The issue affects the de-obfuscati...
CloudLinux OS 安全漏洞
CloudLinux OS is an operating system from the American company CloudLinux. A security vulnerability exists in CloudLinux OS versions prior to 32.7.4, which stems from an eval injection in malware anti-obfuscation routines that allows an attacker to overwrite arbitrary files by scanning specially...
EUVD-2021-9127
Malicious code in bioql PyPI...
CLSA-2025-1751552694 Update of shim
Use both AlmaLinux and CloudLinux certs for checking images - Debrand to TuxCare - No SB support for aarch64 on TuxCare yet...
CLSA-2025-1751551161 Update of grub2
Improve Xen detection so we don't set GRUBENABLEBLSCFG=false for HVM domU guests - Debrand for Cloudlinux...
CLSA-2025-1751285777 grub2: Fix of 5 CVEs
CVE-2024-45781: fs/ufs: OOB write in the heap - CVE-2024-45782: fs/hfs: strcpy using the volume name - CVE-2024-56737: fs/hfs: Fix stack OOB write with grubstrcpy - CVE-2025-0678: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-1125: fs/hfs:...
CLSA-2025-1742374400 grub2: Fix of 2 CVEs
Sign by Cloudlinux - CVE-2023-4692: ntfs: checks to ensure that NTFS drive's sector numbers are never written beyond the boundary - CVE-2023-4693: ntfs: fix an out-of-bounds read flaw on NTFS filesystem driver...
CLSA-2024-1724271309 shim: Fix of 4 CVEs
Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Update to shim-15.8 and fix the following CVEs: Resolves: CVE-2023-40546 Resolves: CVE-2023-40547 Resolves: СVE-2023-40548 Resolves: СVE-2023-40549 Resolves: CVE-2023-40550 Resolves:...
CLSA-2024-1724266264 grub2: Fix of 12 CVEs
Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...
CLSA-2024-1721204645 shim-signed: Fix of 4 CVEs
Make this package installable on a system having a either Centos or Cloudlinux signed kernel - Update to shim-15.8 and fix the following CVEs: Resolves: CVE-2023-40546 Resolves: CVE-2023-40547 Resolves: СVE-2023-40548 Resolves: СVE-2023-40549 Resolves: CVE-2023-40550 Resolves: CVE-2023-40551...
CLSA-2024-1711036571 Update of grub2
Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel...