The vulnerability of the Microsoft Message Queuing (MSMQ) service on Microsoft Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft Message Queuing MSMQ service on Microsoft Windows operating systems is related to pointer swapping errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Remote Desktop Gateway (RD Gateway) for Microsoft Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Remote Desktop Gateway RD Gateway for Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

CVE-2024-57894

...

CVE-2025-0343

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constrain...

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform allows a perpetrator to disclose protected information.

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

ROS-20250115-06

A vulnerability in the ocfs2 component of the Linux kernel is related to the dereferencing of a NULL pointer in the ocfs2fillsuper function in fs/ocfs2/super.c, toocfs2trigger, ocfs2dbfrozentrigger and ocfs2journalaccess in fs/ocfs2/journal.c. Exploitation of the vulnerability could allow an...

SUSE-SU-2025:0103-1 Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: - CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. -...

CVE-2024-52898

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

PT-2025-1091 · Microsoft · Windows Remote Desktop Gateway +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Gateway RD Gateway affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the Windows Remote Desktop Gateway RD Gateway. It is associated with synchronization errors wh...

ROS-20250114-14

A vulnerability in the compress component of the Linux operating system kernel is related to incorrect blocking in the f2fsreleasecompressblocks and f2fsreservecompressblocks functions in f2fs/file.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

ROS-20250114-04

The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...

CVE-2024-55641

In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with generic/475 caused the system to hang after observing the following sequences in dmesg: XFS dm-0: metadata I/O error in...

ROS-20250113-05

A vulnerability in the dma-mapping component of the Linux kernel is related to incorrect input validation in the mapbenchmarkioctl function in kernel/dma/mapbenchmark.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the f2fs component of...

The vulnerability of the software for managing Lenovo Accessories and Display Manager (LADM) and the software for managing and configuring Lenovo Display Control Center (LDCC) lies in errors in the authentication process, allowing a perpetrator to execute arbitrary code.

The vulnerabilities of the Lenovo Accessories and Display Manager LADM software for managing accessories and displays, as well as the Lenovo Display Control Center LDCC software for controlling and configuring displays, are related to errors in the certificate validation process. Exploiting these...

SUSE CVE-2024-55641

In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with generic/475 caused the system to hang after observing the following sequences in dmesg: XFS dm-0: metadata I/O error in...

DEBIAN-CVE-2024-55641

In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with generic/475 caused the system to hang after observing the following sequences in dmesg: XFS dm-0: metadata I/O error in...

UBUNTU-CVE-2024-55641

In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with generic/475 caused the system to hang after observing the following sequences in dmesg: XFS dm-0: metadata I/O error in...

CVE-2024-57793 virt: tdx-guest: Just leak decrypted memory on unrecoverable errors

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers...