Lucene search

8277 matches found

Veracode
added 2025/01/07 5:53 a.m. · 3 views

Out-of-bounds Read

libpoppler.so is vulnerable to Out-of-bounds Read. The vulnerability is due to improper handling of bitmap combinations within the JBIG2Bitmap::combine function in JBIG2Stream.cc, leading to potential memory access errors...

4.3 CVSS · 6.5 AI score · 0.00305 EPSS
Exploits 1 · References 5 · Affected Software 1
Positive Technologies
added 2025/01/07 12:0 a.m. · 5 views

PT-2025-4337

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue concerns the Linux kernel, specifically the hwmon driver, which can produce garbage data when SCSI errors occur. The scsi execute cmd function can return both negative and positive...

5.5 CVSS · 7 AI score · 0.00021 EPSS
Exploits 0
Ubuntu
added 2025/01/06 9:5 p.m. · 25 views

USN-7186-1: Linux kernel (Intel IoTG) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

9.1 CVSS · 8.4 AI score · 0.04469 EPSS
Exploits 10
Ubuntu
added 2025/01/06 8:57 p.m. · 23 views

USN-7179-2: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8 CVSS · 8.1 AI score · 0.04469 EPSS
Exploits 10
Positive Technologies
added 2025/01/03 12:0 a.m. · 4 views

PT-2025-1092 · IBM · IBM Engineering Lifecycle Optimization - Publishing

Name of the Vulnerable Software and Affected Versions: IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 through 7.0.3 Description: The issue is related to the implementation of TLS and SSL protocols in the software, which is associated with inadequate access control. Exploitatio...

6.5 CVSS · 7.1 AI score · 0.00169 EPSS
Exploits 0 · References 7
OpenVAS
added 2025/01/02 12:0 a.m. · 8 views

Fedora: Security Advisory (FEDORA-2024-0fa283c43a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4 CVSS · 7.5 AI score · 0.00214 EPSS
Exploits 0 · References 5
Positive Technologies
added 2025/01/01 12:0 a.m. · 6 views

PT-2026-20839

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.3.6 SPIP versions prior to 4.2.17 SPIP versions prior to 4.1.20 Description SPIP versions prior to 4.3.6, 4.2.17, and 4.1.20 contain a Cross-Site Scripting XSS issue within the private area. The error message displayed...

5.4 CVSS · 5.2 AI score · 0.00044 EPSS
Exploits 0 · References 9
Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2026-26113

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to exception handling within the LoongArch BPF JIT compiler. Specifically, the kernel did not proactively call the common fixup routine to...

5.5 CVSS · 5.8 AI score · 0.00017 EPSS
Exploits 0 · References 23
Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-34411

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the hfsplus filesystem. Syzbot reported an issue where a mutex lock check in hfsplus free extents could trigger warnings and errors during...

5.5 CVSS · 6.1 AI score · 0.00018 EPSS
Exploits 0
Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-52665

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc1-next Description The Linux kernel contains an issue within the jbd2 journaling system. A bug can occur in the jbd2 journal get create access function when the file system is corrupted. Specifically, th...

6.6 AI score · 0.00058 EPSS
Exploits 0
Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-23000

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious...

8.8 CVSS · 8.1 AI score · 0.09491 EPSS
Exploits 1 · References 76
Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-27859

Name of the Vulnerable Software and Affected Versions PHP versions prior to 8.1.33 PHP versions prior to 8.2.29 PHP versions prior to 8.3.23 PHP versions prior to 8.4 php7.4 php8.2 Description The pgsql and pdo pgsql escaping functions do not verify if the underlying quoting functions return...

9.8 CVSS · 8.1 AI score · 0.01153 EPSS
Exploits 11 · References 131
Tenable Nessus
added 2024/12/30 12:0 a.m. · 4 views

Fedora 41 : iwd / libell (2024-256818da09)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-256818da09 advisory. iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix issue with GCC 15 and -std=c23 build errors. Add support for using PMKSA over SAE if...

7.4 CVSS · 6.2 AI score · 0.00214 EPSS
Exploits 0 · References 2
RedhatCVE
added 2024/12/29 2:57 p.m. · 14 views

CVE-2024-56713

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsimppholdwrite nsimppholdwrite has two problems: 1 It may return with rtnl held, as found by syzbot. 2 Its return value does not propagate an error if any...

4.1 CVSS · 6.9 AI score · 0.00033 EPSS
Exploits 0 · References 4
SUSE CVE
added 2024/12/28 3:49 a.m. · 1 views

SUSE CVE-2024-56538

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpkms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an...

5.5 CVSS · 7.7 AI score · 0.00031 EPSS
Exploits 0 · References 13
RedhatCVE
added 2024/12/28 1:35 a.m. · 18 views

CVE-2024-56614

In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...

5.5 CVSS · 6.8 AI score · 0.00009 EPSS
Exploits 0 · References 4
CNNVD
added 2024/12/28 12:0 a.m. · 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

5.5 CVSS · 6.7 AI score · 0.00022 EPSS
Exploits 0 · References 4
OSV
added 2024/12/27 3:15 p.m. · 1 views

AZL-54804 CVE-2024-56657 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

5.5 CVSS · 6.4 AI score · 0.00021 EPSS
Exploits 0 · References 1
OSV
added 2024/12/27 3:15 p.m. · 1 views

DEBIAN-CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

5.5 CVSS · 5.6 AI score · 0.00021 EPSS
Exploits 0 · References 1
NVD
added 2024/12/27 3:15 p.m. · 4 views

CVE-2024-56570

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

7.8 CVSS · 0.00011 EPSS
Exploits 0 · References 9