ROS-20250424-02

The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly initializing clkdata.num, which could lead to out-of-bounds access to arrays...

Private Data Structure Returned From A Public Method

github.com/apache/answer, is vulnerable to Private Data Structure Returned From A Public Method. The vulnerability is due to the application allowing external content to be loaded without restriction, allowing an attacker to track or identify users by collecting their IP addresses through...

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

编号撤回

dtale is a pandas data structure visualization tool from Man Open Source. This CVE number has been withdrawn...

CVE-2022-49336

CVE-2022-49336 concerns the Linux kernel, specifically the DRM subsystem driver etnaviv. The vulnerability arises in etnaviv_iommu_unmap_gem: if a mapping has already been reaped, the unmap operation must be a no-op to avoid removing the mapping twice and corrupting kernel data structures. The is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the arm64 topology initialization not setting smtmask correctly before notifying the CPU to boot, which coul...

CVE-2022-28668

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.9.2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Development Module. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

NI Vision Development Module Vision Assistant JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Development Module. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this...

ALSA-2025:0692 Important: redis:7 security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: redis:7 security update

An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

DEBIAN-CVE-2024-57907

In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

UBUNTU-CVE-2024-57907

In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

[SECURITY] Fedora 40 Update: redict-7.3.2-1.fc40

Redict is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

[SECURITY] Fedora 40 Update: redis-7.2.7-1.fc40

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

UBUNTU-CVE-2024-53193

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2clkprovider Some heap space is allocated for the flexible structure struct clkhwonecelldata and its flexible-array member hws through the composite structure struct...