Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tools/powerturbostat: Fixed the file pointer leak. Currently, if the fscanf function fails, an early return causes a leak of the open file pointer. This issue was fixed by closing the file before returning from the function. This...

Fedora 43 : miniupnpd (2026-5f908cb040)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f908cb040 advisory. 2026/03/24: fix missing fclose and potential double free in option file parsing 2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders minixml.c:...

EUVD-2007-6231

Malware in sbrugna...

Security update for gnuplot

This update for gnuplot fixes the following issues: CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. CVE-2025-31178: unvalidated user input leads to segmentation faul...

SUSE-SU-2025:01811-2 Security update for gnuplot

This update for gnuplot fixes the following issues: - CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. - CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. - CVE-2025-31178: unvalidated user input leads to segmentatio...

DEBIAN-CVE-2022-50189

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck:...

SUSE-SU-2025:01811-1 Security update for gnuplot

This update for gnuplot fixes the following issues: - CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. - CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. - CVE-2025-31178: unvalidated user input leads to segmentatio...

SUSE-SU-2025:01805-1 Security update for gnuplot

This update for gnuplot fixes the following issues: - CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. - CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. - CVE-2025-31181: double fclose cal...

Debian: Security Advisory (DLA-269-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit

No description provided by source. / shouts to mitakeet :D exploit for openftpd format string bug. tested on most current version only. -infamous42md AT hotpop DOT com is real email only tricky part is find a place to stick the shell, as there isn't enough room to send it with the format string...

Scientific Linux Security Update : php on SL6.x i386/x86_64 (20131121)

It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. CVE-2006-7243 A flaw was found in PHP's SSL client's hostname identity...

mDNSResponder -- corrupted stack crash when parsing bad resolv.conf

Juli Mallett reports: mdnsd will crash on some systems with a corrupt stack and once that's fixed it will still leak a file descriptor when parsing resolv.conf. The crash is because scanf is used with %10s for a buffer that is only 10 chars long. The buffer size needs increased to 11 chars to hol...

Zoom Player Pro 3.30 - .m3u Local Buffer Overflow (SEH)

Zoom Player Pro 3.30 - .m3u Local Buffer Overflow SEH ?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / ...

GLSA-200801-17 : Netkit FTP Server: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200801-17 Netkit FTP Server: Denial of Service Venustech AD-LAB discovered that an FTP client connected to a vulnerable server with passive mode and SSL support can trigger an fclose function call on an uninitialized stream in...