59133 matches found
PT-2026-36758
Name of the Vulnerable Software and Affected Versions pixelsock directus-mcp version 1.0.0 Description A flaw in the MCP Interface component allows for server-side request forgery SSRF, a condition where an attacker can induce the server to make requests to an unintended location. This occurs...
Oracle Linux 9 : vim (ELSA-2026-11510)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11510 advisory. - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of...
GeoVision GV-VMS 缓冲区错误漏洞
GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...
PT-2026-36752
Name of the Vulnerable Software and Affected Versions PrefectHQ prefect versions prior to 3.6.22 Description Improper authentication in the Health Check API allows a remote attacker to perform a manipulation. This issue specifically impacts the endswith function within the '/api/health' endpoint...
Astra Linux – Vulnerability in libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICE: Fix for the crash in the ethtool offline loopback test. Since the conversion of ICE to page pool, the ethtool loopback test crashes. BUG: Kernel NULL pointer dereference, address: 000000000000000c PF: Supervisor write access...
Astra Linux – Vulnerability in OpenVSwitch
It has been discovered that openvswitch 2.17.8 contains a memory leak due to the xmalloc function in openvswitch-2.17.8/lib/util.c...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Do not attempt to trigger a full GT reset if there is a VF involved. VFs do not have access to the GDRST0x941c register, which is used by the driver to reset the GT. Attempt to trigger a reset using debugfs: bash $ cat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed the LAG and VF lock dependencies in iceresetvf. The commit fixes the issue where the ice driver acquires the LAG mutex during iceresetvf. This lock acquisition is placed just before acquiring the VF configuration...
Astra Linux – Vulnerability in dcmtk
There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF A hung task trace was observed during LOGO processing. 974.309060 0000:00:00.0: qedfehdevicereset:868: 1:0:2:0: LUN RESET issued… 974.309065 0000:00:00.0:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix for live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed possible invalid memory accesses after the FLR Function Level Reset. In the case where the first FLR Function Level Reset is completed correctly, but during the second FLR, the scratch area for the saved...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed the uninit-value access to imap allocated in the diMount function. The syzbot reports that hexdumptobuffer uses uninit-value: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux – Vulnerability in fig2dev
Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...
Astra Linux – Vulnerability in node-hosted-git-info
Packages that use hosted-git-info before version 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS attacks due to the regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expressions have a polynomial worst-case time complexity...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: Limit access to parser-buffer when tracegetuser fails. When the length of the string written to setftracefilter exceeds FTRACEBUFFMAX, the following KASAN alarm will be triggered: BUG: KASAN: Slab-out-of-bounds in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: blk-rq-qos: fixed a crash that occurred during the race between rqqoswait and rqqoswakefunction. We are encountering crashes due to rqqoswakefunction, which manifest as follows: BUG: Unable to handle a page fault for address:...
Astra Linux – Vulnerability in w3m
There is a out-of-bounds write in the checkType field located in etc.c in w3m 0.5.3. This issue can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause a Denial of Service attack, or potentially have unspecified other impacts...