36 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987369)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987369 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param in...
CVE-2023-53399
CVE-2023-53399 affects the Linux kernel’s ksmbd component, specifically a NULL pointer dereference in smb2_get_info_filesystem(). The issue occurs when share is present but share->path is NULL, which can trigger a crash. The connected sources consistently describe the vulnerability as resolved...
SUSE-SU-2025:20436-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231) - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708) - CVE-2024-50301: security/keys:...
SUSE-SU-2025:20450-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231) - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708) - CVE-2024-50301:...
SUSE CVE-2023-53035
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() The ioctl helper function nilfs_ioctl_wrap_copy(), which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl...
netfilter: Fix use-after-free in get_info()
...
DEBIAN-CVE-2024-50257
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip6table_nat- CPU: 1 UID: 0...
AZL-53304 CVE-2024-50257 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip6table_nat- CPU: 1 UID: 0...
UBUNTU-CVE-2024-50257
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip6table_nat- CPU: 1 UID: 0...
CVE-2024-46937
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers to gain access to user tokens without authentication. The is a brute-force attack on the...
UBUNTU-CVE-2021-47097
In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param in elantech_change_report_id() must be at least 3 bytes, because elantech_read_reg_params() is calling ps2_command() with PSMOUSE_CMD_GETINFO, that is goi...
NethServer nethserver-phonenehome SQL Injection Vulnerability
nethserver-phonenehome is an open source application for NethServer. It is used to track all NethServer installations worldwide. NethServer nethserver-phonenehome suffers from a SQL injection vulnerability that originates from a security issue in the function get_info/get_country_coor in the file...
PT-2023-12417 · Unknown · Nethserver
Name of the Vulnerable Software and Affected Versions: NethServer phonenehome (affected versions not specified). Description: A critical issue affects the function get_info/get_country_coor of the file server/index.php, leading to SQL injection. Recommendations: Apply a patch to fix this issue. As a...
Debian DSA-5211-1 : wpewebkit - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5211 advisory. - An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32792 - The issue was addressed with improved UI handling. CVE-2022-32816 No...
CVE-2022-27571
Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker...
AZL-6574 CVE-2021-3573 affecting package kernel for versions less than 5.10.78.1-1
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioctl HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(),...
PT-2019-6290 · Intel +7 · Edk Ii +7
Name of the Vulnerable Software and Affected Versions: EDK II (affected versions not specified). Description: A heap overflow issue exists in the LzmaUefiDecompressGetInfo function. This issue can be exploited to gain access to confidential data, compromise data integrity, and cause a denial of...
Flexense Disk Pulse Enterprise Control Protocol Denial of Service Vulnerability
Flexense Disk Pulse Enterprise is a suite of disk monitoring tools from Flexense Canada, with Control Protocol as one of the control protocols. A denial of service vulnerability exists in Control Protocol in Flexense Disk Pulse Enterprise version 10.1.18. The vulnerability can be exploited to cau...
CVE-2017-15664
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121...
CVE-2017-15665
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094...