CVE-2025-52467 pgai secrets exfiltration via `pull_request_target`

pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUBTOKEN with write permissio...

DEBIAN-CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

DEBIAN-CVE-2022-49999

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing spacecache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" EEXIST errors. 2. Missing free space info...

DEBIAN-CVE-2022-49944

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsiunregisterconnectors" The recent commit 87d0e2f41b8c "usb: typec: ucsi: add a common function ucsiunregisterconnectors" introduced a regression that caused NULL dereference at...

UBUNTU-CVE-2022-50217

In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuserelease A race between write2 and close2 allows pages to be dirtied after fuseflush - writeinodenow. If these pages are not flushed from fuserelease, then there might not be a writable open file later. So...

UBUNTU-CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

CVE-2022-50165

CVE-2022-50165 affects the Linux kernel wifi/wil6210 debugfs, where a logic error in wil_write_file_wmi() stems from a commit that changed simple_write_to_buffer() to memdup_user() but did not adjust the return value, leaving rc uninitialized and returning rc. The fix is to return the length when...

CVE-2022-50126 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

CVE-2022-50067

Concretely, CVE-2022-50067 affects Linux kernel’s btrfs relocation logic: if prepare_to_relocate() triggers a failure during a transaction, the code frees the relocation control (rc) but does not clear fs_info->reloc_ctl, leading to a use-after-free when btrfs_init_reloc_root() later reads rc....

CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

CVE-2022-50067 btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

CVE-2025-38030

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

PT-2025-27290

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for this issue Description: The issue is related to the Linux kernel's handling of huge page tables during VMA split. The problem arises because the split vma function triggers...

SUSE CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

CVE-2025-5647

A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function rconscontextbreakpop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The...

OPENSUSE-SU-2025:15200-1 haproxy-3.2.0+git0.e134140d2-2.1 on GA media

These are all security issues fixed in the haproxy-3.2.0+git0.e134140d2-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-48990 NeKernel has Heap Overflow in `rt_copy_memory`

NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in rtcopymemory, which unconditionally wrote a null terminator at dstlen. When len equals the size of the destination buffer 256 bytes, that extra '\0' write overruns the buffer by one byte. To avo...

SUSE CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...