CVE-2025-65503

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

CVE-2025-65503

CVE-2025-65503 concerns a use-after-free in endpoint destructors of Redboltz async_mqtt 10.2.5, leading to denial of service when SSL initialization fails due to incorrect destruction order between io_context and endpoint objects. Affected component is the endpoint destructor in the Redboltz asyn...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41068)

s390/sclp: sclpinit failure. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504592; scriptversion"1.2";...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

kernel: vxlan: check vxlan_vnigroup_init() return value

In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlanvnigroupinit return value vxlaninit must check vxlanvnigroupinit success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c:...

kernel: igb: Fix potential invalid memory access in igb_init_module()

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igbinitmodule The pciregisterdriver can fail and when this happened, the dcanotifier needs to be unregistered, otherwise the dcanotifier can be called when igb fails to install, resulti...

kernel: crypto: tegra - do not transfer req when tegra init fails

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegracmacinit or tegrashainit function may return an error when memory is exhausted. It should not transfer the request when they return an error...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990140 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989757)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989757 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrsdetect, cs-disableintr is NULL when privdata-hwinit...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989514 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and...

EUVD-2023-60047

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40062

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm-debug.qmdiffregs When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiffregs is freed, it is not set to NULL. This can lead to a...

DEBIAN-CVE-2025-40062

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm-debug.qmdiffregs When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiffregs is freed, it is not set to NULL. This can lead to a...

CVE-2025-60013

When a user attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, the FIPS hardware security module HSM may fail to initialize. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-60013

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

CVE-2025-60013 F5OS-A FIPS HSM password vulnerability

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

CVE-2025-60013 F5OS-A FIPS HSM password vulnerability

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

PT-2025-42349

Name of the Vulnerable Software and Affected Versions rSeries FIPS module affected versions not specified Description The rSeries FIPS module may fail to initialize when a user attempts initialization with a password containing special shell metacharacters. This issue affects the FIPS hardware...

Linux Distros Unpatched Vulnerability : CVE-2023-53619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: conntrack: Avoid nfcthelperhash uses after free If nfconntrackinitstart fails for example due to a registernfconntrackbpf failure, the...