CVE-2023-53731 netlink: fix potential deadlock in netlink_set_err()

In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disable IRQs for netlinklocktable" in netlinklocktable This patch...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of IRQ security protection in the netlinkseterr function, which could lead to a deadlock...

PT-2025-43132

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6-syzkaller-00240-g4e9f0ec38852 Description The Linux kernel contained a potential deadlock issue within the netlink set err function. The syzbot fuzzer identified a possible lock inversion dependency,...

EUVD-2007-2793

Malware in sbrugna...

EUVD-2019-17815

Malware in sbrugna...

MAL-2025-47485 Malicious code in http-err-notification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7a2e55871b065fdb7fedf48404b81400a55e30b5682d2f1f52f4518ef24058b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-39858 eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR check after calling pagepoolcreate since this function returns error pointers ERRPTR. Using NULL check could lead to invalid pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-39858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR...

Malicious Package

Overview err-notification is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Linux Distros Unpatched Vulnerability : CVE-2023-52899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Add exception protection processing for vd in axichanhandleerr function Since there is no protection for vd, a kernel panic will be triggered here in exceptiona...

The vulnerability of the personalizacao.php script of the WeGIA web manager allows attackers to perform cross-site scripting attacks.

The vulnerability of the personalizacao.php script of the WeGIA web manager is related to the failure to protect the structure of the web page when processing the err parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

The vulnerability of the WeGIA web manager’s personalizacao_imagem.php script allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the personalizacaoimagem.php web handler of the WeGIA browser is related to the failure to protect the website structure when processing the err parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

CVE-2025-54077 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao.php' parameter 'err'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.4.6 in the personalizacao.php endpoint of the WeGIA application. This vulnerability allows attackers to...

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter err in the file personalizacaoimagem.php, for which no detailed vulnerability details are...

PT-2025-33574

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw where the indio dev-dev structure is used before initialization in various probe functions. This can lead to a kernel panic when functions like devm...

AZL-57884 CVE-2025-21775 affecting package kernel for versions less than 6.6.79.1-1

In the Linux kernel, the following vulnerability has been resolved: can: ctucanfd: handle skb allocation failure If skb allocation fails, the pointer to struct canframe is NULL. This is actually handled everywhere inside ctucanerrinterrupt except for the only place. Add the missed NULL check. Fou...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for timer use-after-free upon failed mount Syzbot has identified an ODEBUG bug in ext4fillsuper. The deltimersync function cancels the serrreport timer, which reminds of filesystem errors daily. We must ensure that the...

CVE-2024-50954

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...

CVE-2024-50954

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...

Malicious code in eth-err (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23c4bffe5738a8f56b76e1eee7ffcc77e32ac120dd99def47a72442f01fe492e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...