Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

CVE-2025-50681

igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service application crash via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the recvigmp function in src/igmpproxy.c, an invalid group record type can...

CVE-2024-37063

A cross-site scripting XSS vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser...

UBUNTU-CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

PT-2024-21044 · Iris · Iris

Name of the Vulnerable Software and Affected Versions: Iris versions prior to 2.4.6 Description: Iris is a web collaborative platform that helps incident responders share technical details during investigations. Due to an improper setup of the Jinja2 environment, reports generation in iris-web is...

PT-2021-14732 · Jenkins · Jenkins Perforce Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Performance Plugin versions 3.20 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows attackers who can control workspace contents to have Jenkins...