4730 matches found
CVE-2025-54409
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
DEBIAN-CVE-2025-54409
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
CVE-2025-54409 AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS)
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
GHSA-F9F8-9PMF-XV68 Helm May Panic Due To Incorrect YAML Content
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...
Helm May Panic Due To Incorrect YAML Content
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...
PT-2025-33307
Name of the Vulnerable Software and Affected Versions: AIDE versions 0.13 through 0.19.1 Description: AIDE, an advanced intrusion detection environment, contains a null pointer dereference issue. An attacker can crash the program during report printing or database listing after setting extended...
EulerOS 2.0 SP13 : nss (EulerOS-SA-2025-1996)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is...
EulerOS 2.0 SP11 : nss (EulerOS-SA-2025-1936)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is...
EulerOS 2.0 SP11 : nss (EulerOS-SA-2025-1962)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is...
PT-2025-33103 · Helm · Helm
Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.18.5 Description: Helm is a package manager for Charts for Kubernetes. An improper validation of type error when parsing Chart.yaml and index.yaml files can lead to a panic. This issue impacts YAML validation where a...
EulerOS 2.0 SP13 : nss (EulerOS-SA-2025-1982)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is...
Linux Distros Unpatched Vulnerability : CVE-2022-22747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to...
Linux Distros Unpatched Vulnerability : CVE-2024-26970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays...
Linux Distros Unpatched Vulnerability : CVE-2025-38350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs...
Linux Distros Unpatched Vulnerability : CVE-2024-3860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This...
BIT-LIBPYTHON-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter
An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...
Linux Distros Unpatched Vulnerability : CVE-2023-52767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tls: fix NULL deref on tlsswspliceeof with empty record syzkaller discovered that if...
Linux Distros Unpatched Vulnerability : CVE-2024-53211
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tpexitnet found by syzbot In l2tp's net exit handler, we check...
Linux Distros Unpatched Vulnerability : CVE-2018-1304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The URL pattern of the empty string which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27,...
Linux Distros Unpatched Vulnerability : CVE-2023-52443
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in...