CVE-2025-27465

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up an...

BIT-PHP-2025-1735 pgsql extension does not check for errors during escaping

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

RHEL 8 : kernel (RHSA-2025:11298)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11298 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: potential buffer overfl...

PT-2025-37221

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to ACPI and APEI handling of synchronous memory errors. When abnormal synchronous errors occur invalid PA, unexpected severity, no memory failu...

AZL-65124 CVE-2025-1735 affecting package php for versions less than 8.1.33-1

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

drm/i915/huc: Fix fence not released on early probe errors

...

CVE-2025-38333

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to bail out in getnewsegment ------------ cut here ------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:2832 newcurseg+0x5e8/0x6dc pc : newcurseg+0x5e8/0x6dc Call trace: newcurseg+0x5e8/0x6dc...

DEBIAN-CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...

ROS-20250710-06

The Redis database management system DBMS vulnerability is related to boundary checking errors in parsing file names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Fedora 41 : helix / rust-blazesym-c / rust-clearscreen / rust-gitui / etc (2025-785afc6856)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-785afc6856 advisory. rust-which 8.0.0 - Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks...

SUSE CVE-2025-1735

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

DEBIAN-CVE-2025-38259

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path wcd9335parsedt and wcd9335poweronreset, but does not cleanup in final error paths and in unbind missing...

ASUSTOR ADM 安全漏洞

ASUSTOR ADM is a specialized operating system for all ASUSTOR NAS devices from ASUS, China. A security vulnerability exists in ASUSTOR ADM versions prior to 4.3.1.R5A1, which stems from improper input validation and could result in a system configuration error...

GnuTLS -- multiple vulnerabilities

Daiki Ueno reports: libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. GNUTLS-SA-2025-07-07-1, CVSS: medium CVE-2025-32989 libgnutls: Fix double-free upon error when...

Denial Of Service (DoS)

mcp is vulnerable to improper input validation. The vulnerability is due to a validation error when processing malformed requests, which allows an attacker to trigger unhandled exceptions and cause service unavailability 500 errors until the service is manually restarted...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking leading to out-of-bounds writes, which could lead to local elevation of privilege...

Qualcomm Chipsets 加密问题漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A cryptographic issue vulnerability exists in Qualcomm Chipsets that stems from an encryption issue when handling cryptographic API calls, which could lead to corrupted key usage or IV reuse...

SUSE CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

ALPINE-CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...