5 matches found
Renovate vulnerable to arbitrary command injection via gleam manager and malicious gleam.toml file
Summary The user-provided string depName in the gleam manager is appended to the gleam deps update command without proper sanitization. Details Adversaries can provide a maliciously crafted gleam.toml in conjunctions with a tweaked Renovate configuration file to trick Renovate to execute arbitrar...
PT-2025-31960 · Undefined · Undefined
📢BREAKING: CVE-2025-02701 Python vuln CVSS 6.8 patched in SUSE. Local privilege escalation risk! 🔐 Patch guide ⚠️ Container impact analysis. 📉 Compliance stats . Read more: 👉 https://t.co/X2STlybkx2 https://t.co/mF9A2QGv6o...
Missing connection timeout in Aardvark-dns
A flaw was found in Aardvark-dns versions 1.12.0 and 1.12.1. They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial ...
kernel: ipv4: denial of service when destroying a network interface
A security flaw was found in the Linux kernel's networking subsystem that destroying the network interface with huge number of ipv4 addresses assigned keeps "rtnllock" spinlock for a very long time up to hour. This blocks many network-related operations, including creation of new incoming ssh...
kernel: ipv4: denial of service when destroying a network interface
A security flaw was found in the Linux kernel's networking subsystem that destroying the network interface with huge number of ipv4 addresses assigned keeps "rtnllock" spinlock for a very long time up to hour. This blocks many network-related operations, including creation of new incoming ssh...