Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: media: staging/intel-ipu3: Fixed error handling for setfmt. If an error occurs during the setfmt operation, do not overwrite the previous sizes with the invalid configuration. Without this patch, v4l2-compliance will end up...

GO-2025-4159 Babylon's BIP322 signature implementation is not fully compliant to the spec in github.com/babylonlabs-io/babylon

Babylon's BIP322 signature implementation is not fully compliant to the spec in github.com/babylonlabs-io/babylon...

EUVD-2025-199101

Babylon's BIP322 signature implementation is not fully compliant to the spec...

EUVD-2024-21054

Malicious code in bioql PyPI...

EUVD-2023-2602

Malicious code in bioql PyPI...

EUVD-2023-43777

Malicious code in bioql PyPI...

EUVD-2025-3115

Malicious code in bioql PyPI...

CVE-2025-56207

A security flaw in the 'transfer' function of a smart contract implementation for Money Making Opportunity MMO, an Ethereum ERC721 Non-Fungible Token NFT project, allows users or attackers to transfer NFTs to the zero address, leading to permanent asset loss and non-compliance with the ERC721...

Malicious code in cordova-plugin-ios-no-export-compliance (npm)

The package cordova-plugin-ios-no-export-compliance was found to contain malicious code...

BIT-GITLAB-2025-5121 Missing Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.4 and 18.0 before 18.0.2. A missing authorization check may have allowed compliance frameworks to be applied to projects outside the compliance framework's group...

PT-2025-2356 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The issue concerns a rejected CVE record due to non-compliance with CNA rules, as it has not been utilized. No further details are provided about the nature of the issue or i...

openshift: OCP & FIPS mode

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated...

openshift: OCP & FIPS mode

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated...

CVE-2023-3089

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated...

CVE-2022-43801

To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

Mageia: Security Advisory (MGASA-2020-0469)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2020-0469 Updated mbedtls packages fix security vulnerabilities

This update provides security bug fixes and minor enhancements. Limit the size of calculations performed by mbedtlsmpiexpmod to MBEDTLSMPIMAXSIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. A failure of the random generator was ignored in mbedtlsmpifillrando...

Updated mbedtls packages fix security vulnerabilities

This update provides security bug fixes and minor enhancements. Limit the size of calculations performed by mbedtlsmpiexpmod to MBEDTLSMPIMAXSIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. A failure of the random generator was ignored in mbedtlsmpifillrando...

Directory traversal

dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...

Debian Security Advisory DSA 2643-1 (puppet - several vulnerabilities)

Multiple vulnerabilities were discovered in Puppet, a centralized configuration management system. CVE-2013-1640An authenticated malicious client may request its catalog from the puppet master, and cause the puppet master to execute arbitrary code. The puppet master must be made to invoke the...