Important: nvidia-xconfig

Issue Overview: NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

Medium: golist

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

MiracleLinux 7 : java-11-openjdk-11.0.19.0.7-1.el7 (AXSA:2023-5304:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5304:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.372.b07-1.el7 (AXSA:2023-5312:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5312:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 8 : java-11-openjdk-11.0.9.11-0.el8 (AXSA:2020-784:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-784:09 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

PT-2025-43529

Name of the Vulnerable Software and Affected Versions FontForge version 20230101 Description FontForge version 20230101 contains a memory leak. This issue is located in the utf7toutf8 copy function at /fontforge/sfd.c. The memory leak occurs during UTF-7 to UTF-8 conversion. Recommendations At th...

kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: eventpoll: Fix semi-unbounded recursion CVE-2025-38614 kernel: ALSA: usb-audio: Validate UAC3 cluster segment...

EUVD-2015-2457

Malware in sbrugna...

EUVD-2018-9192

Malware in sbrugna...

EUVD-2012-2806

Malware in sbrugna...

EUVD-2012-2685

Malware in sbrugna...

EUVD-2020-14446

Malware in sbrugna...

EUVD-2022-54815

Malicious code in bioql PyPI...

EUVD-2023-41197

Malicious code in bioql PyPI...

EUVD-2024-54445

Malicious code in bioql PyPI...

EUVD-2022-34125

Malicious code in bioql PyPI...

AlmaLinux 8 : kernel (ALSA-2025:16372)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:16372 advisory. kernel: vsock: Fix transport TOCTOU CVE-2025-38461 kernel: dochangetype: refuse to operate on unmounted/not ours mounts CVE-2025-38498 kernel: HID: core:...

CVE-2021-25175

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restart...

CVE-2021-36357

An issue was discovered in OpenPOWER 2.6 firmware. unpacktimestamp calls le32tocpu for endian conversion of a uint16t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion...