16283 matches found

OSV
added 2025/11/18 7:15 p.m. | views: 1

DEBIAN-CVE-2025-54771

A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...

CVSS 4.9 | AI score 5.5 | EPSS 0.00019
Exploits: 0 | References: 1
NVD
added 2025/11/18 7:15 p.m. | views: 2

CVE-2025-54771

A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...

CVSS 4.9 | EPSS 0.00019
Exploits: 0 | References: 4
Debian CVE
added 2025/11/18 6:20 p.m. | views: 3

CVE-2025-54771

A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...

CVSS 4.9 | AI score 5.4 | EPSS 0.00019
Exploits: 0
CNNVD
added 2025/11/18 12:00 a.m. | views: 2

GNU GRUB Security Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that stems from improper handling of USB device string conversion, which could result in a denial of service or data corruption...

CVSS 4.8 | AI score 6.4 | EPSS 0.00027
Exploits: 0 | References: 5
CNNVD
added 2025/11/18 12:00 a.m. | views: 1

GNU GRUB Security Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that stems from a post-release reuse issue in the network module that could lead to a denial of service...

CVSS 4.9 | AI score 6.3 | EPSS 0.00019
Exploits: 0 | References: 5
Tenable Nessus
added 2025/11/18 12:00 a.m. | views: 4

Linux Distros Unpatched Vulnerability : CVE-2025-54771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retain...

CVSS 4.9 | AI score 5.7 | EPSS 0.00019
Exploits: 0 | References: 4
Positive Technologies
added 2025/11/18 12:00 a.m. | views: 3

PT-2025-47377

Name of the Vulnerable Software and Affected Versions: GNU GRUB (Grand Unified Bootloader), affected versions not specified. Description: A use-after-free issue exists in GNU GRUB (Grand Unified Bootloader). The problem stems from an incorrect memory pointer retention during the file-closing process,...

CVSS 7.8 | AI score 6.4 | EPSS 0.00038
Exploits: 0 | References: 77
CNNVD
added 2025/11/18 12:00 a.m. | views: 3

GNU GRUB Security Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB that stems from the normalexit command not being properly logged off, which could lead to a post-release reuse issue resulting in a system crash or compromised data confidentiality and...

CVSS 4.9 | AI score 6.4 | EPSS 0.00017
Exploits: 0 | References: 4
CNNVD
added 2025/11/18 12:00 a.m. | views: 1

GNU GRUB Security Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB, which stems from the reuse of the normal command after its release, which could result in a denial of service or a system crash...

CVSS 4.9 | AI score 6.5 | EPSS 0.00023
Exploits: 0 | References: 4
OSV
added 2025/11/17 10:27 p.m. | views: 3

CLSA-2025-1763418416 gnutls: Fix of CVE-2024-12243

CVE-2024-12243: fix inefficient algorithm in libtasn1 for decoding certain DER-encoded certificate data to prevent denial-of-service condition...

CVSS 5.3 | AI score 6.6 | EPSS 0.01227
Exploits: 0 | References: 1
OSV
added 2025/11/17 12:00 p.m. | views: 3

RUSTSEC-2025-0121 gcc crate is unmaintained

The gcc crate is deprecated and no longer actively maintained. If you rely on this crate, consider switching to a recommended alternative. Recommended alternatives - cc...

AI score 6.8
Exploits: 0 | References: 2
Mageia
added 2025/11/15 7:11 a.m. | views: 3

Updated botan2 packages fix security vulnerability

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

CVSS 5.9 | AI score 6.2 | EPSS 0.00173
Exploits: 1 | References: 2
Microsoft CVE
added 2025/11/13 1:03 a.m. | views: 3

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

...

CVSS 8.7 | AI score 7 | EPSS 0.00039
Exploits: 0
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 1

Photon OS 5.0: Glibc PHSA-2025-5.0-0666

An update of the glibc package has been released...

CVSS 6.2 | AI score 6.8 | EPSS 0.00071
Exploits: 0 | References: 2
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 3

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2023-27371)

GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...

CVSS 5.9 | AI score 6.7 | EPSS 0.00074
Exploits: 1 | References: 4
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 2

Siemens SIMATIC S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2023-5156)

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 7.5 | AI score 6.6 | EPSS 0.01895
Exploits: 0 | References: 6
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 3

Siemens SIMATIC S7-1500 Loop with Unreachable Exit Condition (CVE-2018-20482)

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system back...

CVSS 4.7 | AI score 6.7 | EPSS 0.0002
Exploits: 1 | References: 4
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 2

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-7309)

In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled. This plugin only works with Tenable.ot. Please visit...

CVSS 5.5 | AI score 6.7 | EPSS 0.00217
Exploits: 1 | References: 4
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 3

Siemens SIMATIC S7-1500 Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-13777)

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS...

CVSS 7.4 | AI score 7.1 | EPSS 0.01213
Exploits: 3 | References: 4
Tenable Nessus
added 2025/11/13 12:00 a.m. | views: 3

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-9169)

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVSS 9.8 | AI score 6.9 | EPSS 0.04945
Exploits: 1 | References: 4