3659 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site request forgery CSRF vulnerability in the wpajaxwpcompressiontest function in wp- admin/includes/ajax-actions.php in WordPress before 4.5 allows remo...
CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
CVE-2025-38627
CVE-2025-38627 affects the f2fs component of the Linux kernel. The root cause is a use-after-free of f2fs_inode_info in f2fs_free_dic when decompress_io_ctx is released asynchronously after I/O completion, potentially evicting the inode before dic is used. The exploit scenario involves concurrent...
CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.2)
The version of AHV installed on the remote host is prior to AHV-10.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.2 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
USN-7704-4: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7704-4 linux-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7704-3 linux-ibm, linux-intel-iotg, linux-oracle, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7704-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7704-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-realtime, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
Linux Distros Unpatched Vulnerability : CVE-2024-28102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by...
Linux Distros Unpatched Vulnerability : CVE-2024-57923
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length...
USN-7704-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
Oracle Linux 8 : go-toolset:rhel8 (ELSA-2025-13940)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13940 advisory. delve 1.24.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev golang 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455 go-toolset...
go-toolset:rhel8 security update
delve 1.24.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev golang 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455 go-toolset 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455...
Linux Distros Unpatched Vulnerability : CVE-2023-33953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Thr...
Malicious code in compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top (npm)
The package compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top was found to contain malicious code...
MAL-2025-17459 Malicious code in compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top (npm)
The package compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top was found to contain malicious code...
MAL-2025-40560 Malicious code in ynodejs_mod_gzip (npm)
The package ynodejsmodgzip was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-33847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may b...