380 matches found
KLA91016 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Monero protocol dissector can be exploited to cause a denial...
agentic-blocks (>=0.1.36 <=0.1.37), aiqtoolkit-agno (>=1.1.0 <=1.3.1) +9 more potentially affected by CVE-2026-35002 via agno (>=1.2.16 <=2.0.9)
agno PYPI version =1.2.16, =0.1.36, =1.1.0, =0.8.0, =0.1.0, =1.3.4, =0.1.0.post1, =1.1.0a20251020, =1.7.0a20260513 - synvya-sdk =0.2.12 Source cves: CVE-2026-35002 Source advisory: OSV:GHSA-77RH-M34W-RV36...
CVE-2026-23376 nvmet-fcloop: Check remoteport port_state before calling done callback
In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport portstate before calling done callback In nvmefchandlelsrqstwork, the lsrsp-done callback is only set when remoteport-portstate is FCOBJSTATEONLINE. Otherwise, the nvmefcxmtlsrsp's LLDD call to...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: The work item for sending LS requests has been moved to the nvmetfclsreqop structure. It is possible for more than one async command to be executed by nvmetfcsendlsreq. For each command, a reference to the target port i...
PT-2026-8389
Name of the Vulnerable Software and Affected Versions WP Maps – Store Locator, Google Maps, OpenStreetMap, Mapbox, Listing, Directory & Filters plugin for WordPress versions prior to 4.8.7 Description The WP Maps plugin for WordPress is susceptible to a Local File Inclusion issue. This allows...
[SECURITY] Fedora 42 Update: mysql8.0-8.0.44-4.fc42
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002935)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002935 advisory. In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c. Tenable has extracted the preceding description block directly from...
FLIR Thermal Camera 信任管理问题漏洞
FLIR Thermal Camera F Series and others are a series of thermal imaging cameras from FLIR, USA. A trust management issue vulnerability exists in FLIR Thermal Camera F/FC/PT/D version 8.0.0.64, which stems from the presence of hard-coded SSH credentials that could lead to unauthorized remote acces...
Linux Distros Unpatched Vulnerability : CVE-2022-50835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak. CVE-2022-50835 Note...
CVE-2022-50835
In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after use which will lead to reference count leak...
Linux Distros Unpatched Vulnerability : CVE-2023-54014
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Check valid rport returned by fcbsgtorport Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to...
EUVD-2023-60272
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix buffer overrun Klocwork warning: Buffer Overflow - Array Index Out of Bounds Driver uses fcelsflogi to calculate size of buffer. The actual buffer is nested inside of fcelsflogi which is smaller. Replace...
CVE-2023-54054
CVE-2023-54054 pertains to the Linux kernel SCSI qla2xxx driver, where a buffer overrun occurred in the handling of fc_els_flogi, leading to an incorrect buffer size calculation. Multiple connected sources (OSV entries for Debian, Ubuntu, and general OSV) report that the vulnerability has been re...
CVE-2023-54054
...
CVE-2025-40343
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...
UBUNTU-CVE-2025-40343
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...
CVE-2025-40343
CVE-2025-40343 affects the Linux kernel in nvmet-fc where forceful port shutdown can schedule deletion of associations twice. Root cause: nvmet_port_subsys_drop_link() schedules work items for both nvmet_port_del_ctrls() and nvmet_disable_port() before verifying if an association is already being...
CVE-2025-40343
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...
CVE-2025-40343 nvmet-fc: avoid scheduling association deletion twice
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls and then nvmetdisableport. Both functions will eventuall...