55 matches found
ROOT-OS-DEBIAN-12-CVE-2025-37995 CVE-2025-37995 in rootio-linux - Patched by Root
Root has patched CVE-2025-37995 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
CVE-2025-54135
creationtimestamp| type| source ---|---|--- 2025-08-01 13:31:00+00:00| seen| https://thehackernews.com/2025/08/cursor-ai-code-editor-fixed-flaw.html 2025-08-01 15:45:09+00:00| published-proof-of-concept| https://t.me/thehackernews/7272 2025-08-01 18:23:18+00:00| seen|...
CVE-2021-29545
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...
CLSA-2025-1745586793 cups-filters: Fix of CVE-2024-47076
CVE-2024-47076: cfGetPrinterAttributes5 Validate response attributes before return...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
OESA-2024-2513 ansible security update
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
CBL Mariner 2.0 Security Update: bind (CVE-2023-5517)
The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: -...
SUSE-SU-2023:4084-1 Security update for netatalk
This update for netatalk fixes the following issues: - CVE-2022-22995: Fixed a flaw where combining primitives offered by SMB and AFP in their default configuration may allow an attacker to achieve arbitrary code execution. bsc1197576...
SUSE-SU-2023:3046-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-150100197120 fixes several issues. The following security issues were fixed: - CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outboundphypacketcallback bsc1212347. - CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized...
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded...
memoffset allows reading uninitialized memory
memoffset allows attempt of reading data from address 0 with arbitrary type. This behavior is an undefined behavior because address 0 to std::mem::sizeof may not have valid bit-pattern with T. Old implementation dereferences uninitialized memory obtained from std::mem::alignof. Older implementati...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE-SU-2022:0463-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-5927 fixes several issues. The following security issues were fixed: - CVE-2021-4202: Fixed NFC race condition by adding NCIUNREG flag bsc1194533. - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input...
SUSE-SU-2022:0151-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance bsc1192146...
Design/Logic Flaw
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A local attacker may be able to elevate their privileges...
CVE-2020-35453
HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1...
Design/Logic Flaw
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a...
Design/Logic Flaw
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement...
Moderate: Red Hat Security Advisory: openstack-selinux security update
An update for openstack-selinux is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RUSTSEC-2020-0123 Contents of uninitialized memory exposed in DeflateOutput's AsyncRead implementation
Affected versions of this crate passes an uninitialized buffer to a user-provided trait function AsyncRead::pollread. Arbitrary AsyncRead::pollread implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading...