5432 matches found
CVE-2023-53396
The CVE-2023-53396 issue affects the Linux kernel ubifs: memory leak in do_rename when renaming a file in an encrypted directory. The leak stems from fscrypt_setup_filename allocating memory for the file name, which is never used and is not freed before returning. kmemleak shows the unreferenced ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from not freeing memory allocated by fscryptsetupfilename during an encrypted directory rename operation, which...
PT-2025-38375
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the do rename function when renaming a file within an encrypted directory. The fscrypt setup filename function allocates memory for a filename that is never used,...
SUSE CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
DEBIAN-CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
UBUNTU-CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276 ubifs: Free memory for tmpfile name
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276 ubifs: Free memory for tmpfile name
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276
In CVE-2023-53276, the Linux kernel ubifs code leaks memory: fscrypt_setup_filename allocates memory for the tmpfile name, but this memory is not freed after the name is copied into the directory entry inode (ubifs_tmpfile → vfs_tmpfile → path_openat). The kmemleak report shows an unreferenced ob...
CVE-2023-53276 ubifs: Free memory for tmpfile name
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-2999 (ALAS-2025-2999)
The version of thunderbird installed on the remote host is prior to 140.2.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2999 advisory. Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: fr...
PT-2025-37881
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the ubifs subsystem when opening a ubifs tmpfile on an encrypted directory. The fscrypt setup filename function allocates memory for the filename intended for...
CVE-2025-57174
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...
EvilOSX
This is an evil RAT Remote Administration Tool for macOS / OS X. It is a Python-based tool that allows for remote access and control of a compromised system. The tool is designed to be undetectable by anti-virus software and is persistent, meaning it will survive a reboot. The tool has a modular...
APTSimulator
This is a toolset for simulating an APT Advanced Persistent Threat attack on a Windows system. The tool, called APT Simulator, is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. It is designed to be simple and easy to use, requiring...
CVE-2025-59054
dstack is a software development kit SDK to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...
CVE-2025-58781
WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic...
CVE-2025-58781
WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic...