CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733 Possible malfunction credential injection

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733

The CVE-2025-41733 issue affects METZ CONNECT EWIO2-M, EWIO2-M-BM, and EWIO2-BM devices. The commissioning wizard does not validate whether the device is already initialized, enabling an unauthenticated remote attacker to construct HTTP POST requests to set root credentials, potentially gaining f...

CVE-2025-41733 Possible malfunction credential injection

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

kernel: vxlan: check vxlan_vnigroup_init() return value

In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlanvnigroupinit return value vxlaninit must check vxlanvnigroupinit success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c:...

kernel: pstore/ram: Check start of empty przs during init

An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2023-53678

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix system suspend without fbdev being initialized If fbdev is not initialized for some reason - in practice on platforms without display - suspending fbdev should be skipped during system suspend, fix this up. While at...

EUVD-2025-30345

Malicious code in bioql PyPI...

EUVD-2023-59930

Malicious code in bioql PyPI...

SUSE CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

SUSE CVE-2025-39855

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

DEBIAN-CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

DEBIAN-CVE-2025-39855

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

UBUNTU-CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-39855 ice: fix NULL access of tx->in_use in ice_ptp_ts_irq

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

CVE-2025-39855

Summary: CVE-2025-39855 concerns the Linux kernel ICE driver (notably the E810’s low-latency TX timestamp interface). The bug occurs in ice_ptp_ts_irq() where the Tx timestamp tracker ice_ptp_tx is used before being initialized, risking NULL dereference or use-after-free if a TX timestamp interru...

Linux Distros Unpatched Vulnerability : CVE-2023-53331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pstore/ram: Check start of empty przs during init After commit 30696378f68a pstore/ram: Do not treat empty buffers as valid, initialization would assume a prz w...

CVE-2023-53331

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a "pstore/ram: Do not treat empty buffers as valid", initialization would assume a prz was valid after seeing that the buffersize is zero regardless of the...

DEBIAN-CVE-2023-53331

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a "pstore/ram: Do not treat empty buffers as valid", initialization would assume a prz was valid after seeing that the buffersize is zero regardless of the...