8322 matches found
SUSE CVE-2023-53140
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
DEBIAN-CVE-2023-53140
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
CVE-2023-53140
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
CVE-2023-53097
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53050
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4-margining needs to be relased for the upstream port of the router as well, even though the debugfs directory gets released with the router device removal. Fix this...
UBUNTU-CVE-2023-53140
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
DEBIAN-CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
CVE-2022-49888
CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...
CVE-2022-49888 arm64: entry: avoid kprobe recursion
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
DEBIAN-CVE-2025-37754
In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence, introduced with commit 27536e03271da "drm/i915/huc: track delayed HuC load with a fence", is registered with object tracker early on driver pro...
CVE-2025-23145
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...
Access Control Bypass
Overview browser-use is a Make websites accessible for AI agents Affected versions of this package are vulnerable to Access Control Bypass via the server's configuration, an attacker can access the debug port, which was inadvertently exposed on all network interfaces. Remediation Upgrade...
JetBrains Rider < 2025.1.2 Arbitrary File Overwrite
The version of JetBrains Rider installed on the remote host is prior to 2025.1.2. It is, therefore, affected by a vulnerability as referenced in the TeamCity202504 advisory. - In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not marking cortexa76erratum1463225debughandler as NOKPROBE, which could result in a recursive exception...
CVE-2025-46329 Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs
libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage durin...
CVE-2025-46329 Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs
libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG, the Connector would log locally the client-side encryption master key of the target stage durin...
NPM Debug Log File Detected
An NPM debug log file have been detected on the target web application. These files may contain sensitive information which could assist an attack to conduct further attacks. No source data...
xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
CVE-2025-43016
In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...