224 matches found
vim security update
An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Vim Vi IMproved is an updated and improved version of the vi editor. Security...
EUVD-2024-53206
Malicious code in bioql PyPI...
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
...
CVE-2025-25177 GPU DDK - Roll-back of pvr_exp_fence not in finalised state can cause UAF
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...
CVE-2025-25177 GPU DDK - Roll-back of pvr_exp_fence not in finalised state can cause UAF
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...
SUSE CVE-2023-53419
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
DEBIAN-CVE-2023-53419
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
UBUNTU-CVE-2023-53419
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
CVE-2023-53419
CVE-2023-53419 : Linux kernel fix for a NULL-pointer dereference in PREEMPT_RT RCU code. The vulnerability arises when CPU2 reads rnp->exp_tasks without holding rnp->lock while CPU1 may update rnp->exp_tasks to NULL, leading to a dereference of a NULL pointer. The documented fix is to ho...
CVE-2023-53419 rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
CVE-2023-53419 rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
PT-2025-38438
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to a potential NULL-pointer dereference within the rcu print task exp stall function when built with CONFIG PREEMPT RCU=y. This occurs...
MAL-2025-43213 Malicious code in @zalastax/nolb-exp- (npm)
The package @zalastax/nolb-exp- was found to contain malicious code...
CVE-2012-10043
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy duri...
CVE-2012-10043
ActFax Server 4.32 is affected by a stack-based buffer overflow in the Import Users from File function. The root cause is improper validation of the length of tab-delimited fields in .exp files, causing unsafe usage of strcpy() during CSV parsing. An attacker can compromise the system by crafting...
SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:02390-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02390-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent...
SUSE-SU-2025:02390-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. - CVE-2024-53173:...
MAL-2025-3238 Malicious code in express-exp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b858cc86e409526d24e16f5f635dea2d7cae8c178366e14a5d2843bed3931ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-52927
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nfctfindexpectation Currently nfconntrackin calling nfctfindexpectation will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the...
firefox: Unexpected GC during RegExp bailout processing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it...