Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management command NOP OUT to the device to recover the link. If this command times out and clearing the device...

CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...

EUVD-2019-12143

Malware in sbrugna...

CVE-2024-21171

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

CLSA-2024-1711026811 kernel: Fix of 7 CVEs

netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one CVE-2023-39197 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier CVE-2023-52449 - media: pvrusb2: fix use after free on context disconnection CVE-2023-52445 - net: prevent mss overflow in skbsegment...

CLSA-2024-1711026398 kernel: Fix of 7 CVEs

netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one CVE-2023-39197 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier CVE-2023-52449 - media: pvrusb2: fix use after free on context disconnection CVE-2023-52445 - net: prevent mss overflow in skbsegment...

AZL-31569 CVE-2023-22066 affecting package mysql for versions less than 8.0.35-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2021-2217

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2018-2718

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: RPC. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this...