12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46173
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is...
PT-2026-37494
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Crafted EROFS images containing valid volume labels can trigger incorrect early returns in volume label handling, leading to folio reference leaks. Folio reference leaks occur when the...
EUVD-2026-13148
ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...
CVE-2026-25667
The OSV entries and CVE describe a vulnerability in ASP.NET Core Kestrel (Microsoft .NET 8.0 < 8.0.22 and .NET 9.0
MiracleLinux 3 : samba-3.0.33-3.38.0.1.AXS3 (AXSA:2012-264:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-264:01 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files an...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grub2 (SUSE-SU-2025:4196-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4196-1 advisory. - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-fre...
kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...
AZL-56885 CVE-2025-25204 affecting package gh for versions less than 2.62.0-6
gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
UBUNTU-CVE-2025-25204
gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from post-release reuse in the bfadimmoduleexit function in the scsi:bfa module...
The vulnerability of the ContentStream._readInlineImage function in the PDF processing library PyPDF2, which allows a hacker to trigger a service failure.
The vulnerability of the ContentStream.readInlineImage function in the PDF processing library PyPDF2 is related to an incorrect implementation of the exit condition from the loop. Exploiting this vulnerability allows a malicious actor to cause service failure by using a specially created PDF file...
Mozilla: Browser window spoof using fullscreen mode
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...