1269 matches found
PT-2025-49021
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of ipcomp fallback tunnels and xfrm states. Specifically, the issue arises when deleting xfrm states, where the fallback state...
GHSA-M84C-4C34-28GF LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component
Incomplete Documentation of Program Execution exists in the run-llama/llamaindex library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer...
PT-2025-33808
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The get pd power uw function may experience a NULL pointer dereference when em cpu get returns NULL. This can occur when a CPU becomes unavailable during runtime, leading to a crash wh...
CVE-2022-49979
In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
SUSE CVE-2022-49979
In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
DEBIAN-CVE-2022-49979
In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
UBUNTU-CVE-2022-49979
In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
CVE-2022-49979 net: fix refcount bug in sk_psock_get (2)
In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after getblock When getblock is called with a bufferhead allocated on the stack, such as dompagereadpage, stack corruption due to bufferhead UAF may occur in the following race condition...
Incorrect Implementation of Authentication Algorithm
Overview org.postgresql:postgresql is a Java JDBC 4.2 JRE 8+ driver for PostgreSQL database. Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm allowing fallback to insecure authentication despite channelBinding being set to required. The...
CVE-2025-49091
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code...
DEBIAN-CVE-2025-49091
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code...
UBUNTU-CVE-2025-49091
KDE Konsole before 25.04.2 allows remote code execution in a certain scenario. It supports loading URLs from the scheme handlers such as a ssh:// or telnet:// or rlogin:// URL. This can be executed regardless of whether the ssh, telnet, or rlogin binary is available. In this mode, there is a code...
GHSA-9WJ4-8H85-PGRW OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint
Impact OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive. This could be used to effectively run ...
Improper Neutralization
Overview OctoPrint is a snappy web interface for your 3D printer Affected versions of this package are vulnerable to Improper Neutralization through the UploadStorageFallbackHandler request handler. An attacker can make the web server component become unresponsive by sending a manipulated broken...
Malicious code in fallback-screen (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52fe4b497d3bc3400f0efb1ed4a088ae86c5df5b8b3bef8c7d61fb6e41fff413 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4919 Malicious code in fallback-screen (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52fe4b497d3bc3400f0efb1ed4a088ae86c5df5b8b3bef8c7d61fb6e41fff413 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-56169
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties such as Fort are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently...
CVE-2023-21024
In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...