UBUNTU-CVE-2023-53276

In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...

CVE-2023-53276 ubifs: Free memory for tmpfile name

In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...

CVE-2023-53276 ubifs: Free memory for tmpfile name

In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...

CVE-2023-53276

In CVE-2023-53276, the Linux kernel ubifs code leaks memory: fscrypt_setup_filename allocates memory for the tmpfile name, but this memory is not freed after the name is copied into the directory entry inode (ubifs_tmpfile → vfs_tmpfile → path_openat). The kmemleak report shows an unreferenced ob...

CVE-2023-53276

In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...

CVE-2023-53276 ubifs: Free memory for tmpfile name

In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...

PT-2025-37881

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the ubifs subsystem when opening a ubifs tmpfile on an encrypted directory. The fscrypt setup filename function allocates memory for the filename intended for...

Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-2999 (ALAS-2025-2999)

The version of thunderbird installed on the remote host is prior to 140.2.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2999 advisory. Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: fr...

CVE-2025-57174

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...

EvilOSX

This is an evil RAT Remote Administration Tool for macOS / OS X. It is a Python-based tool that allows for remote access and control of a compromised system. The tool is designed to be undetectable by anti-virus software and is persistent, meaning it will survive a reboot. The tool has a modular...

APTSimulator

This is a toolset for simulating an APT Advanced Persistent Threat attack on a Windows system. The tool, called APT Simulator, is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. It is designed to be simple and easy to use, requiring...

CVE-2025-59054

dstack is a software development kit SDK to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...

CVE-2025-58781

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic...

CVE-2025-58781

Vulnerability : CVE-2025-58781 affects the WTW-EAGLE App. The app does not properly validate server certificates, enabling a man-in-the-middle attacker to monitor encrypted traffic. Affected products/versions : WTW-EAGLE App for iOS prior to 4.4.1 and Android prior to 4.4.0.10. Other sources reit...

CVE-2025-58781

WTW-EAGLE App does not properly validate server certificates, which may allow a man-in-the-middle attacker to monitor encrypted traffic...

WTW-EAGLE App 信任管理问题漏洞

WTW-EAGLE App is a mobile application from WTW that has the ability to provide risk management, insurance data access and analytics. A trust management issue vulnerability exists in the WTW-EAGLE App that stems from not properly validating server certificates, which could lead to a...

PT-2025-37292

Name of the Vulnerable Software and Affected Versions: WTW-EAGLE App affected versions not specified Description: The WTW-EAGLE App does not properly validate server certificates, potentially allowing a man-in-the-middle attacker to monitor encrypted traffic. Recommendations: At the moment, there...

CVE-2025-40757

A vulnerability has been identified in APOGEE PXC Series BACnet All versions, APOGEE PXC Series P2 Ethernet All versions, TALON TC Series BACnet All versions. Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to...

Linux Distros Unpatched Vulnerability : CVE-2020-29547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS...

CVE-2025-40757

A vulnerability has been identified in APOGEE PXC Series BACnet All versions, APOGEE PXC Series P2 Ethernet All versions, TALON TC Series BACnet All versions. Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to...