22 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7345: RHODF 4.16.30 release DFBUGS-7105: Backport to 4.16.z CLONE - ODF Console is breaking DFBUGS-6743:...
UBUNTU-CVE-2026-23679
libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...
CVE-2026-23679
libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...
PT-2026-43696
Name of the Vulnerable Software and Affected Versions libusb versions prior to 1.0.30 Description A NULL pointer dereference occurs when a malformed USB configuration descriptor is supplied. Specifically, if an interface claims bNumEndpoints greater than zero but is followed by a class-specific...
EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2026-1144)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in...
Linux Distros Unpatched Vulnerability : CVE-2026-23009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has ...
EUVD-2021-34746
Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resource...
OESA-2025-2757 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious...
OESA-2025-2599 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious...
Amazon Linux 2 : qemu, --advisory ALAS2-2025-3031 (ALAS-2025-3031)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3031 advisory. A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoi...
EUVD-2024-51824
Malicious code in bioql PyPI...
CVE-2025-59538 Argo CD is Vulnerable to Unauthenticated Remote DoS via malformed Azure DevOps git.push webhook
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. For versions 2.9.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.6 and 3.0.17, when the webhook.azuredevops.username and webhook.azuredevops.password are not set in the default configuration, the /api/webhook endpoi...
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions
Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the update channel subscription endpoint with an invalid request body...
CVE-2025-54463
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-54463
Mattermost Confluence Plugin (github.com/mattermost/mattermost-plugin-confluence) versions
PT-2025-23226 · Vllm · Vllm
Name of the Vulnerable Software and Affected Versions: vLLM versions 0.8.0 through 0.9.0 Description: The issue arises when the /v1/completions API endpoint is hit with an invalid json schema as a Guided Param, causing the vLLM server to crash. This is similar to a previously known issue but...
CVE-2024-53152
In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pexepeventpexrstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of...
CVE-2024-53153 PCI: qcom-ep: Move controller cleanups to qcom_pcie_perst_deassert()
In the Linux kernel, the following vulnerability has been resolved: PCI: qcom-ep: Move controller cleanups to qcompcieperstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of qcompcieperstassert i.e...
CVE-2024-53152
CVE-2024-53152 is a Linux kernel vulnerability affecting Tegra194 PCIe endpoints. The issue: when PERST# is asserted and refclk is disabled, endpoint cleanup paths (dw_pcie_ep_cleanup and pci_epc_deinit_notify) access hardware registers, crashing the endpoint due to host-required refclk. The fix ...
CVE-2024-53152 PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()
In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pexepeventpexrstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of...