Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdmaacceptnewconn After the erdmacepputnewcep being called, newcep will be freed, and the following dereference will cause a UAF problem. Fix this issue...

PT-2026-37185

Name of the Vulnerable Software and Affected Versions LiteLLM versions 1.74.2 through 1.83.6 Description Two endpoints used to preview an MCP server before saving it, "POST /mcp-rest/test/connection" and "POST /mcp-rest/test/tools/list", accepted a full server configuration in the request body...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-386613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386613 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for connrspepid in htcconnectservice I found the following bug in my...

EUVD-2025-24661

Malicious code in bioql PyPI...

CVE-2025-8963

A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely...

CVE-2025-0309 Netskope Client Local Elevation of Privileges

An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

UBUNTU-CVE-2025-22088

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdmaacceptnewconn After the erdmacepputnewcep being called, newcep will be freed, and the following dereference will cause a UAF problem. Fix this issue...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

CVE-2025-24461

CVE-2025-24461 affects JetBrains TeamCity prior to 2024.12.1. The issue allows decryption of connection secrets without proper permissions via the Test Connection endpoint, exposing high confidentiality impact with no reported integrity or availability changes. Affected component: Test Connection...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

PT-2025-5367 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.12.1 Description: The issue allows decryption of connection secrets without proper permissions via the "Test Connection" endpoint. This is related to incorrect authorization in the system...

AlmaLinux 8 : kernel (ALSA-2022:1988)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1988 advisory. - In uvcscanchainforward of uvcdriver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of...