DEBIAN-CVE-2022-49407

In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plockop" and a followed sendop will append it to a global sendlist data structure. In some cases a followed devread...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible invalid read of dlm during a plock operation...

ROS-20250219-04

A vulnerability in Git's distributed version control system is related to a flaw in the mechanism for encoding or shielding of output data. Exploitation of the vulnerability allows a remote attacker, gain access to sensitive data Vulnerability in the ANSI Escape Sequence Handler component of the...

The vulnerability of the distributed database management system Apache Cassandra lies in its insecure handling of privileges, allowing attackers to elevate their own privileges.

The vulnerability of the distributed database management system Apache Cassandra lies in the insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

Distributed AI Inferencing — The Next Generation of Computing

...

Wazuh 代码问题漏洞

Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A code issue vulnerability exists in Wazuh versions prior to 4.4.0 through 4.9.1 that stems from insecure...

The vulnerability of the distributed Git version control system, related to the lack of mechanisms for encoding or shielding output data, allows a hacker to disclose protected information.

The vulnerability of the distributed Git version control system is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential data...

CVE-2022-27183

The Monitoring Console app configured in Distributed mode allows for a Reflected XSS in a query parameter in Splunk Enterprise versions before 8.1.4. The Monitoring Console app is a bundled app included in Splunk Enterprise, not for download on SplunkBase, and not installed on Splunk Cloud Platfo...

CVE-2022-2253

A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server...

CVE-2024-5016

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage f...

SUSE CVE-2025-21673

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...

DEBIAN-CVE-2025-21673

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...

CVE-2025-21673 smb: client: fix double free of TCP_Server_Info::hostname

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifsputtcpsession function may still be attempting to reconnect to a D...

CVE-2025-24356

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address and initiate a reconnect by sending a handshake packet. This "fast...

CVE-2025-24356 UDP traffic amplification via fastd's fast reconnect feature

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address and initiate a reconnect by sending a handshake packet. This "fast...

CVE-2025-24356 UDP traffic amplification via fastd's fast reconnect feature

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address and initiate a reconnect by sending a handshake packet. This "fast...

CVE-2025-24356

The CVE-2025-24356 affects the fastd VPN daemon. When fastd receives a data packet from an unknown IP/port, it may assume a peer moved and trigger a fast-reconnect handshake (~150 bytes of UDP payload), creating an amplification factor of about 12–13 for UDP traffic. This can be exploited by spoo...

CVE-2025-24356 UDP traffic amplification via fastd's fast reconnect feature

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd will assume that one of its connected peers has moved to a new address and initiate a reconnect by sending a handshake packet. This "fast...

Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.4 release

A new version of Red Hat OpenShift distributed tracing platform Jaeger has been released Red Hat OpenShift distributed tracing platform based on Jaeger. Jaeger is a project inspired by Dapper and OpenZipkin. It is a distributed tracing system released as open source by Uber Technologies. It is us...