EUVD-2026-31659

Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...

Restore to Google Compute Engine Fails with API Errors When Using Helper Appliance

Challenge When restoring a VM to Google Compute Engine GCE, the following errors occur: For Windows platform: Failed to restore to GCE: import-image: datestamp step "import" run error: step "wait-for-bootstrap" did not complete within the specified timeout of 20m0s System.Exception For Linux...

CVE-2023-49652

Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb327fca3db11 and earlier allow attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate system-scoped credentials IDs of credentials stored in Jenkins and t...

EUVD-2022-5324

Malicious code in bioql PyPI...

EUVD-2022-5682

Malicious code in bioql PyPI...

EUVD-2022-2102

Malicious code in bioql PyPI...

SUSE-SU-2025:03119-1 Security update for regionServiceClientConfigGCE

This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0 bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update conditional to handle name change of metadata packa...

Linux Distros Unpatched Vulnerability : CVE-2024-26780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same...

Linux Distros Unpatched Vulnerability : CVE-2023-53138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN:...

Linux Distros Unpatched Vulnerability : CVE-2023-53028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Revert wifi: mac80211: fix memory leak in ieee80211ifadd This reverts commit...

Linux Distros Unpatched Vulnerability : CVE-2023-52603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the following issue: oop0: detected capacity change from 0 to 32768 UBSAN:...

CVE-2025-38129

CVE-2025-38129 details a Linux kernel use-after-free in page_pool_recycle_in_ring, linked to page_pool's per-CPU recycle mechanism. The root cause is that a page may be freed while the page pool’s ring is still being recycled, resulting in a potential use-after-free when the producer_lock is not ...

CVE-2019-16548

A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineClouddoProvision could be used to provision new agents...

CVE-2023-53119 nfc: pn533: initialize struct pn533_out_arg properly

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...

CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()

In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...

CVE-2022-49738 f2fs: fix to do sanity check on i_extra_isize in is_alive()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on iextraisize in isalive syzbot found a f2fs bug: BUG: KASAN: slab-out-of-bounds in datablkaddr fs/f2fs/f2fs.h:2891 inline BUG: KASAN: slab-out-of-bounds in isalive fs/f2fs/gc.c:1117 inline BUG: KASA...

Linux Distros Unpatched Vulnerability : CVE-2024-50256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that...

Linux Distros Unpatched Vulnerability : CVE-2022-48802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 000...

Linux Distros Unpatched Vulnerability : CVE-2024-35976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in...

Linux Distros Unpatched Vulnerability : CVE-2022-48781

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really...