58 matches found
Moderate: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...
SUSE CVE-2026-42584
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...
CVE-2026-35339
The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 (success) even if error...
PT-2026-34475
The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 (success) even if error...
CVE-2025-70231
D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability...
CyreneAdmin authorization issue vulnerability
CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 had vulnerabilities related to authorization. These vulnerabilities stemmed from improper handling of unknown code in files/api/system/dashboard/getCount, which could le...
Prime security vulnerabilities
Prime is a content management system developed by Birkir Gudjonsson. Versions of Prime prior to 0.4.0.beta.0 contained security vulnerabilities, which were caused by incorrect handling of unknown code. These vulnerabilities could lead to cross-site request forgery attacks...
MiracleLinux 8 : libssh-0.9.6-16.el8_10 (AXSA:2025-11173:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11173:03 advisory. libssh: Incorrect Return Code Handling in ssh_kdf() in libssh (CVE-2025-5372). Tenable has extracted the preceding description block directly from the MiracleLinu...
ima: Handle error code returned by ima_filter_rule_match()
...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling the error code returned by ima_filter_rule_match(), which could result in additional files bein...
Moderate: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
libssh: Incorrect Return Code Handling in ssh_kdf() in libssh
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values (OpenSSL uses 0 to indicate failure, while libssh uses 0 for success), the function may mistakenl...
RLSA-2025:21977 Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in ssh_kdf() in libssh (CVE-2025-5372). For more details about the security issues, including the impact, a CVSS score,...
ALSA-2025:21977 Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in ssh_kdf() in libssh (CVE-2025-5372). For more details about the security issues, including the impact, a CVSS score,...
EUVD-2018-12643
Malware in sbrugna...
EUVD-2022-5058
Malicious code in bioql PyPI...
CVE-2025-34186 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Because the binary interprets non-zero exit...
nfsd: don't ignore the return code of svc_proc_register()
...
Libssh: incorrect return code handling in ssh_kdf() in libssh
...
CVE-2025-5372 Libssh: incorrect return code handling in ssh_kdf() in libssh
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values (OpenSSL uses 0 to indicate failure, while libssh uses 0 for success), the function may mistakenl...