PT-2025-37590

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the qlcnic driver where a use-after-free condition can occur during DCB Data Center Bridging operations. Specifically, the adapter-dcb pointer could...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly cleaning the stagedconfig temporary storage in rdtdomain, which could lead to MSR access errors...

Linux Distros Unpatched Vulnerability : CVE-2025-39763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggerin...

CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a restriction on writing BIOs to partitioned devices that is not handled correctly, which could result in a...

AZL-67217 CVE-2025-39763 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...

SUSE-SU-2025:20696-1 Security update for vim

This update for vim fixes the following issues: - CVE-2025-53906: Fixed malicious zip archive causing path traversal bsc1246602 - CVE-2025-53905: Fixed malicious tar archive causing path traversal bsc1246604 - CVE-2025-55157: Fixed use-after-free in internal tuple reference management bsc1247938 ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle synchronization memory errors, which could result in a system reboot or a hard...

SUSE-SU-2025:03152-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

Linux Distros Unpatched Vulnerability : CVE-2020-13649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scannerreverseinfolist NULL pointer...

Linux Distros Unpatched Vulnerability : CVE-2022-20499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no...

CVE-2025-58442 Saleor has user enumeration vulnerability due to different error messages

Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of accountRegister may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the...

Google Android elevation of privilege vulnerability (CNVD-2025-23046)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by background activity that may be initiated as a result of logic errors in multiple functions of LocationProviderManager.java. An attacker...

Google Android Information Disclosure Vulnerability (CNVD-2025-24499)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a letter disclosure vulnerability, which is caused by a logic error in multiple locations. An attacker can exploit the vulnerability to potentially cause a local information leak...

Linux Distros Unpatched Vulnerability : CVE-2025-39726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/ism: fix concurrency management in ismcmd The s390x ISM device data sheet clearly states that only one request-response sequence is allowable per ISM...

CVE-2025-39726

Technical details about CVE-2025-39726 are not publicly provided in the connected documents. The entries reference the CVE but do not describe affected products, versions, root cause, exploits, or fixes here. Monitor for updates.

ROS-20250905-07

A vulnerability in the user locking mechanism of the Vault Enterprise and Vault Community Edition enterprise data archiving platforms is due to the application not performing the correct normalization of the application. Enterprise and Vault Community Edition is related to the fact that the...

Security update for redis

This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and Do...

SUSE-SU-2025:03073-1 Security update for redis

This update for redis fixes the following issues: - CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 - CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation an...

Google Android elevation of privilege vulnerability (CNVD-2026-10643)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a logic error vulnerability, which is caused by a code logic error in multiple functions. An attacker can exploit the vulnerability to cause a local elevation of privilege...