Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ubifs: A fix was made to increment the reference count of a page once it is set as private. The MM structure defines a rule 1 very clearly: once a page is marked with the PGprivate flag, the reference count of that page should...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...

Astra Linux – Vulnerability in xorg-server, xwayland

A heap-based buffer overflow vulnerability was discovered in the X.org server’s ProcXIPassiveGrabDevice function. This issue occurs when length values that are swapped in bytes are used in responses, potentially leading to memory leakage and segmentation faults, especially when triggered by a...

Astra Linux – Vulnerability in Vim

“Buffer over-reading” in the grabfilename function in the GitHub repository’s Vim/Vim version prior to 8.2.4956. This vulnerability could cause the software to crash, lead to memory modifications, and may allow for remote execution...

Malicious code in chai-grab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59ae1d48ae982c1945929febb9d9c184264443d2d93c3f187a42813efbeae89 The package chai-grab was found to contain malicious code. Source: ghsa-malware da21a86e003e8f1a127a9431ea7b49004f0f142dc8f619b04adc74000f145cae Any...

Malicious Package

Overview chai-grab is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

MAL-2026-720 Malicious code in chai-grab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59ae1d48ae982c1945929febb9d9c184264443d2d93c3f187a42813efbeae89 The package chai-grab was found to contain malicious code. Source: ghsa-malware da21a86e003e8f1a127a9431ea7b49004f0f142dc8f619b04adc74000f145cae Any...

SUSE CVE-2025-68300

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...

CVE-2025-52582

CVE-2025-52582 describes an out-of-bounds read vulnerability in the Grassroot DICOM 3.024 package, specifically in the function Overlay::GrabOverlayFromPixelData . A specially crafted DICOM file can cause an information leak. The available connected documents identify the affected component and t...

CVE-2025-68300

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...

UBUNTU-CVE-2025-68300

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...

Linux Distros Unpatched Vulnerability : CVE-2025-68300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra referenc...

CLSA-2025-1763651916 xorg-x11-server-Xwayland: Fix of 4 CVEs

CVE-2023-1393: fix use-after-free in compositor overlay window by clearing dangling COW pointer - CVE-2024-31080: prevent heap over-read in ProcXIGetSelectedEvents caused by using byte-swapped length values in replies. - CVE-2024-31081: fix buffer over-read in ProcXIPassiveGrabDevice by using...

EUVD-2023-51939

Malicious code in bioql PyPI...

EUVD-2025-19840

Malicious code in bioql PyPI...

EUVD-2023-51940

Malicious code in bioql PyPI...

EUVD-2024-23259

Malicious code in bioql PyPI...

CVE-2023-53236

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch-end is 0 then setting npfns0 before computing the new value of pfns will fail to adjust the pfn and result in various page accounting corruptions. It should be...

CVE-2023-53236

The CVE-2023-53236 entry pertains to the Linux kernel (iommufd) and is described as resolved. The root cause is improper ordering when batch carrying PFNs (batch->end == 0, setting npfns[0] before updating pfns leads to incorrect PFN adjustments). This can cause various page meta-data corrupti...