772 matches found
EUVD-2022-45504
Malicious code in bioql PyPI...
EUVD-2025-13532
Malicious code in bioql PyPI...
EUVD-2022-4935
Malicious code in bioql PyPI...
EUVD-2022-34176
Malicious code in bioql PyPI...
EUVD-2022-43923
Malicious code in bioql PyPI...
kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
A use-after-free (UAF) vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC (Hierarchical Fair Service Curve) queuing discipline when it is used in conjunction with NETEM (Network Emulation). A malicious user could...
CVE-2022-50354 drm/amdkfd: Fix kfd_process_device_init_vm error handling
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd_process_device_init_vm error handling. Should only destroy the ib_mem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd->qpd structure, to avoid NULL pointer access in process destr...
kernel: tipc: Fix use-after-free in tipc_conn_close()
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close() for each tipc_conn. The problem is th...
Important: redis:6 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
[SECURITY] Fedora 41 Update: valkey-8.0.4-1.fc41
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
ALSA-2025:11401 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
ROS-20250625-03
Vulnerability of each_pair function from strong_parameters.rb of Ruby on Rails software platform is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential data. Vulnerability in Ruby on Rails software...
SUSE CVE-2025-38023
In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfs_get_lock_context in unlock path. When memory is insufficient, the allocation of nfs_lock_context in nfs_get_lock_context fails and returns -ENOMEM. If we mistakenly treat an nfs4_unlockdata structure whose lctx...
Fuji Electric Smart Editor X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Fuji Electric Smart Editor TL5 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Smart Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2025-30220 GeoTools, GeoServer, and GeoNetwork XML External Entity (XXE) Processing Vulnerability in XSD schema handling
GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity (XXE) exploit. This impacts whoever exposes XML processing with gt-xsd-core involved in...
USN-7521-3 linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Serial ATA and Parallel...
CVE-2024-36574
A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON (flatten-json/index.js:42)...
CVE-2023-26429
Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure. We now drop all control characters that are not whitespace characters during the export. No publicly...