Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: detecting invalid INLINEDATA + EXTENTS flag combinations The syzbot reported a BUGON in ext4escacheextent when opening a Verity file on a corrupted ext4 filesystem that was mounted without a journal. The issue arises when t...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010776)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010776 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in...

CVE-2026-4901

Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these sensitive information could be accessed by an unauthorized...

USN-8137-1 ruby2.3, ruby2.5, ruby2.7, ruby3.0, ruby3.2, ruby3.3 vulnerability

It was discovered that the Ruby URI gem did not properly handle sensitive information when combining URIs. A remote attacker could possibly use this issue to leak authentication credentials...

CVE-2025-61594 URI Credential Leakage Bypass over CVE-2025-27221

URI is a module providing classes to handle Uniform Resource Identifiers. In versions 0.12.4 and earlier bundled in Ruby 3.2 series 0.13.2 and earlier bundled in Ruby 3.3 series, 1.0.3 and earlier bundled in Ruby 3.4 series, when using the + operator to combine URIs, sensitive information like...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount CVE-2025-40105 In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination CVE-2025-40167 In the...

ext4: detect invalid INLINE_DATA + EXTENTS flag combination

...

Apollo Federation 安全漏洞

Apollo Federation is an architecture for the Apollo community to declaratively combine APIs into a unified graph. A security vulnerability exists in Apollo Federation versions prior to 2.9.5, prior to 2.10.4, prior to 2.11.5, and prior to 2.12.1, which stems from a flaw in the combination logic...

CVE-2025-40167

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination

In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination syzbot reported a BUGON in ext4escacheextent when opening a verity file on a corrupted ext4 filesystem mounted without a journal. The issue is that the filesystem has an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the detection of an invalid combination of INLINEDATA and EXTENTS flags, which could lead to file system...

EUVD-2017-16807

Malware in sbrugna...

EUVD-2017-16808

Malware in sbrugna...

MAL-2025-45907 Malicious code in round-combination-parts (npm)

The package round-combination-parts was found to contain malicious code...

Malicious code in round-combination-parts (npm)

The package round-combination-parts was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2021-40874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LemonLDAP::NG aka lemonldap-ng 2.0.13. When using the RESTServer plug-in to operate a REST password validation service for another...

BandFuzz: an ML-Powered Collaborative Fuzzing Framework

Collaborative fuzzing has recently emerged as a technique that combines multiple individual fuzzers and dynamically chooses the appropriate combinations suited for different programs. Unlike individual fuzzers, which rely on specific assumptions to maintain their effectiveness, collaborative...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an address combination error that could lead to data corruption...

CVE-2025-48888 Deno run with --allow-read and --deny-read flags results in allowed

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...