Astra Linux - уязвимость в puma

Puma is a Ruby/Rack web server designed for parallelism. Prior to version 5.6.2 of Puma, Puma might not always call close on the response body. Before version 7.0.2.2 of Rails, Rails relied on the response body being closed in order for its CurrentAttributes implementation to work correctly. The...

PT-2026-36101

Name of the Vulnerable Software and Affected Versions nanobot affected versions not specified Description An issue exists where including the | character in a sender address allows an attacker to bypass the Channel allowlist. This bypass provides full access to the Agent Loop, exposing all tools,...

uutils coreutils has an Incorrect Short Circuit Evaluation Issue

A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR | and AND & operation...

EUVD-2021-1893

Malware in sbrugna...

EUVD-2022-7210

Malicious code in bioql PyPI...

EUVD-2024-50562

Malicious code in bioql PyPI...

EUVD-2025-21938

Malicious code in bioql PyPI...

[SECURITY] [DLA 4270-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4270-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 12, 2025 https://wiki.debian.org/LTS -...

Linux Distros Unpatched Vulnerability : CVE-2025-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values return...

CVE-2025-38046

This CVE entry is rejected/not used as stated; it does not represent an active vulnerability.

Alibaba Cloud Linux 3 : 0064: compat-exiv2-026 (ALINUX3-SA-2021:0064)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-31291: REJECT DO NOT USE THIS CANDIDATE...

Linux Distros Unpatched Vulnerability : CVE-2020-25575

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce compatibility hazards in some applications, and has a type confusion flaw...

[SECURITY] [DLA 3891-1] mariadb-10.5 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3891-1 [email protected] https://www.debian.org/lts/security/ Otto Kekäläinen September 18, 2024 https://wiki.debian.org/LTS -...

Debian dla-3891 : libmariadb-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3891 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3891-1 [email protected] https://www.debian.org/lts/security/...

Potential memory exhaustion attack due to sparse slice deserialization

Details Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. For instance, in the Proof of Concept written below, someone can specify to set a field of the...

sushi bug fix update

An update is available for sushi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager. I...

CVE-2024-26678 x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue with compat in x86/efistub...

CVE-2024-0560

A vulnerability was found in 3Scale, when used with Keycloak 15 or RHSSO 7.5.0 and superiors. When the authtype is use3scaleoidcissuerendpoint, the Token Introspection policy discovers the Token Introspection endpoint from the tokenintrospectionendpoint field, but the field was removed on RH-SSO...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...