mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from HTMLRenderer.heading, which directly inserted id attribute values into HTML tags without escaping...

PT-2026-41966

Summary The mailpit dump --http sub-command downloads every message from a remote Mailpit instance and writes each one as .eml inside the user-supplied output directory. The message ID field is taken verbatim from the JSON response of the remote server and concatenated into the output path with...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003664 advisory. In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003767 advisory. In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP...

EUVD-2007-5610

Malware in sbrugna...

EUVD-2015-1002

Malware in sbrugna...

EUVD-2007-3855

Malware in sbrugna...

CLSA-2025-1748627842 Update of linux-firmware

Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0ver:0x0A70C005, cpuid:0x00A70F52ver:0x0A705206, cpuid:0x00A00F82ver:0x0A00820C, cpuid:0x00A40F41ver:0x0A404107, cpuid:0x00A70F80ver:0x0A708007, cpuid:0x00A20F10ver:0x0A20102D, cpuid:0x00A70F41ver:0x0A704107,...

USN-7374-1: containerd vulnerability

Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result in containers possibly being run as root, contrary to expectations...

SUSE CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5845)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5845 advisory. - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices Dave Chiluk Orabug: 31350999 CVE-2019-19922 - sched/fai...

CVE-2008-1390

The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2068)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an blkdrainqueue use-after-free because a certain error...

Ubuntu: Security Advisory (USN-4115-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4115-2: Linux kernel regression

USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4115-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4115-1 advisory. Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received...

USN-4117-1: Linux kernel (AWS) vulnerabilities

It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-10126 Amit Klein and Benny Pinkas discovered that the Linux kerne...

USN-4116-1: Linux kernel vulnerabilities

It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-20856 Amit Klein and Ben...

USN-4115-1: Linux kernel vulnerabilities

Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2018-19985 Zhipeng Xie discovered that an...

CVE-2019-10639

The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols e.g....