29 matches found
EUVD-2025-29383
Malicious code in bioql PyPI...
CVE-2019-20441
An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting XSS vulnerability has been identified in the 'implement phase' of the API Publisher...
array-init-cursor is unsound when used with types that implement `Drop`
The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...
GHSA-67R5-RQWV-9P9Q array-init-cursor is unsound when used with types that implement `Drop`
The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...
UBUNTU-CVE-2024-46824
In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...
OESA-2024-1996 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemacliteofprobe This node pointer is returned by ofparsephandle with refcount incremented in this function. Calling ofnodeput to...
UBUNTU-CVE-2024-39509
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...
CVE-2024-39509
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...
CVE-2024-39509 HID: core: remove unnecessary WARN_ON() in implement()
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...
CVE-2024-39509
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel due to an unnecessary warning in the implement function of the HID:core component...
CVE-2024-36894
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...
NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
The U.S. National Institute of Standards and Technology NIST has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and...
Unsafe transferFrom()
Lines of code Vulnerability details Impact Yieldy.transferFrom returns false on failure instead of reverting. This might lead to moveFundsToUpgradedContract incorrectly unstaking and restaking tokens, potentially causing user or Migration.sol to lose funds depending on NEWCONTRACT and OLDCONTRACT...
GSD-2022-1001771 scsi: qla2xxx: Implement ref count for SRB
scsi: qla2xxx: Implement ref count for SRB This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...
_calculateMaltRequiredForExit makes wrong calculations
Handle 0x0x0x Vulnerability details Proof of concept calculateMaltRequiredForExit calculates the quantity of malts returned. uint256 maltQuantity = userMaltPurchased.mulamount.divuserCommitment; uint256 fullReturn = maltQuantity.mulcurrentPrice / pegPrice; userMaltPurchased / userCommitment...
Function may not be implemented
Handle jayjonah8 Vulnerability details Impact In StabilizerNode.sol the distributeSuply function calls the check function on the ISupplyDistributionController. Searching through the code base I didn't location where the function is actually implemented. If this is calling a function within the...
Improper implementation of slippage check
Handle WatchPug Vulnerability details function redeemIERC20 token, uint amount, uint poolId, int128 idx, uint minOut external defend blockLocked whenNotPaused returnsuint out ibbtc.safeTransferFrommsg.sender, addressthis, amount; Pool memory pool = poolspoolId; if poolId = minOut, "Slippage Check...
Unbreakable Enterprise kernel-container security update
4.14.35-2025.402.2.1.el7 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040805 CVE-2020-8694 CVE-2020-8695 4.14.35-2025.402.2.el7 - ocfs2: fix remounting needed after setfacl command Gang He - Fix multiple variable definition with syzkaller Hans Westgaard Ry Orabug:...