26 matches found
CVE-2026-46049 ALSA: ctxfi: Add fallback to default RSR for S/PDIF
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...
CVE-2026-46049
ALSA: ctxfi: Add fallback to default RSR for S/PDIF...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ variable failed. There is one issue that arises during fault injection tests: An unreferenced object: 0xffff888132a9f400 size 512. The following operations were...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the deleteSession process. An attacker can gain unauthorized access to privileged operations by exploiting the fallback mechanism that assigns a synthetic...
CVE-2026-31995
CVE-2026-31995 affects OpenClaw 2026.1.21 and earlier, where the Lobster extension’s Windows shell fallback can be tricked into executing arbitrary commands. When a spawn failure triggers shell: true, an attacker can influence workflow arguments to cause cmd.exe command interpretation, enabling l...
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
CVE-2026-27809 psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data e.g. a literal run that extends past the expected row size, decoderle raises ValueError which propagated all the way to the user, crashin...
K000159874: SSSD vulnerability CVE-2025-11561
Security Advisory Description A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is...
Linux Distros Unpatched Vulnerability : CVE-2022-50434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512:...
SUSE CVE-2022-50434
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512: comm "insmod", pid 308021, jiffies 4324277909 age 509.733s hex dump...
UBUNTU-CVE-2022-50434
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512: comm "insmod", pid 308021, jiffies 4324277909 age 509.733s hex dump...
CVE-2022-50434 blk-mq: fix possible memleak when register 'hctx' failed
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512: comm "insmod", pid 308021, jiffies 4324277909 age 509.733s hex dump...
CVE-2022-50434
CVE-2022-50434: Technical details (affected product/component, root cause, impact, versions, fix) are not present in the connected documents. Monitor for updates.
PT-2025-40119
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was identified within the Linux kernel’s block I/O queue management blk-mq subsystem. Specifically, the issue occurs during the registration of hardware contexts 'hct...
PT-2025-33599
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to multi-path TCP MPTCP where a race condition can occur between subflow failure and subflow creation. This issue is similar to a previously...
DEBIAN-CVE-2025-22036
In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after getblock When getblock is called with a bufferhead allocated on the stack, such as dompagereadpage, stack corruption due to bufferhead UAF may occur in the following race condition...
Unsafe `Deserialization` in `JsonPickleSerializer` Enables Remote Code Execution
Description A critical deserialization vulnerability exists in the llamaindex library’s JsonPickleSerializer component, enabling remote code execution RCE due to an insecure fallback to Python’s pickle module. When deserializing untrusted data, JsonPickleSerializer prioritizes pickle.loads, which...
DEBIAN-CVE-2024-56169
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties such as Fort are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently...
UBUNTU-CVE-2024-56169
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties such as Fort are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently...
PT-2024-36728 · Fort +1 · Fort +1
Name of the Vulnerable Software and Affected Versions: Fort versions 1.6.4 and earlier, up to but not including 2.0.0 Description: A validation integrity issue was discovered in the product. RPKI Relying Parties, such as Fort, are supposed to maintain a backup cache of the remote RPKI data, which...