AZL-70474 CVE-2022-50233 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

CVE-2022-50233

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

CVE-2022-50233 Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

Linux Distros Unpatched Vulnerability : CVE-2020-27784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printerioctl printerioctl tries to access of a printerdev instance...

Linux Distros Unpatched Vulnerability : CVE-2023-52929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the...

Linux Distros Unpatched Vulnerability : CVE-2025-46836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and includi...

Linux Distros Unpatched Vulnerability : CVE-2025-37933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeonep: Fix host hang issue during device reboot When the host loses heartbeat messages fr...

async-ssh2-tokio (>=0.2.0 <=0.7.0), dev-tunnels (=0.1.0) +4 more potentially affected by CVE-2025-54804 via russh (>=0.34.0 <=0.37.1)

russh CARGO version =0.34.0, =0.2.0, =0.1.0, =0.2.0, =0.1.0, =0.4.1 - tunnels =0.1.0 Source cves: CVE-2025-54804 Source advisory: OSV:GHSA-H5RC-J5F5-3GCM...

kernel: media: uvcvideo: Fix double free in error path

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...

@ballerine/workflows-service (>=0.4.6 <=0.5.49), @digitaltg/vc-signer (=1.0.0) +9 more potentially affected by CVE-2025-54782 via @nestjs/devtools-integration (=0.1.6)

@nestjs/devtools-integration NPM version =0.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @nestjs/devtools-integration and may be impacted: - @ballerine/workflows-service =0.4.6, =0.0.37, =0.0.4, =0.0.1, =0.0.6, =0.0.82, =0.0.32, =1.0.0, =1.0.9 -...

OESA-2025-1925 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count ...

MAL-2025-6629 Malicious code in webpack-dev-server (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in webpack-dev-server (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in pyrofork-dev (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6572 Malicious code in pyrofork-dev (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in trigger-dev-logger (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6773 Malicious code in trigger-dev-logger (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

AZL-72950 CVE-2025-38462 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...

AZL-65708 CVE-2025-38458 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix NULL pointer dereference in vccsendmsg atmarpddevops does not implement the send method, which may cause crash as bellow. BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: Oops: 0010...

UBUNTU-CVE-2025-38462

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...