Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed a memory leak in compatinsnlist. compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl function when CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn...

GHSA-442J-39WM-28R2 Handlebars.js has a Property Access Validation Bypass in container.lookup

Summary In lib/handlebars/runtime.js, the container.lookup function uses container.lookupProperty as a gate check to enforce prototype-access controls, but then discards the validated result and performs a second, unguarded property access depthsiname. This Time-of-Check Time-of-Use TOCTOU patter...

EUVD-2006-7182

Malware in sbrugna...

EUVD-2017-9338

Malware in sbrugna...

EUVD-2020-25296

Malware in sbrugna...

CVE-2025-7705 Authentication bypass due to compatibility mode enabled by default

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...

CVE-2025-7705 Authentication bypass due to compatibility mode enabled by default

: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions...

CVE-2025-7705

CVE-2025-7705 affects ABB Switch Actuator 4 DU-83330 and ABB Switch actuator, door/light 4 DU-83330-500, all versions. The issue is described as an Active Debug Code vulnerability. The PT-2025-30398 entry confirms the vulnerable components and versions and states there is no information about a f...

SUSE CVE-2022-49520

In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESRELx for a bad syscall If a compat process tries to execute an unknown system call above the ARMNRCOMPATEND number, the kernel sends a SIGILL signal to the offending process...

SUSE CVE-2022-49629

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2022-49629 nexthop: Fix data-races around nexthop_compat_mode.

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix data-races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Thus, we need to add READONCE to its readers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to symbolically expand an old ftruncate function system call using a 32-bit offt when called in...

SUSE CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...

DEBIAN-CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...

SUSE CVE-2006-7203

The compatsysmount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service NULL pointer dereference and oops by mounting a smbfs file system in compatibility mode "mount -t smbfs"...

SUSE CVE-2017-18205

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set...

Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape parameter before outputting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled, leading to a Reflected Cross-Site Scripting PoC With the "Compatibility Mode"...

Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape parameter before outputting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled, leading to a Reflected Cross-Site Scripting With the "Compatibility Mode"...

Denial Of Service (DoS)

FreeRDP is vulnerable to denial of service. A use-after-free in gdiSelectObject causes clients using compatibility mode with /relax-order-checks to be vulnerable to an application crash...

CVE-2020-4031

In FreeRDP before version 2.1.2, there is a use-after-free in gdiSelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2...