Red Hat assisted-service 安全漏洞

Red Hat Assisted-Service is a backend service component provided by Red Hat Inc. in the United States, which offers REST APIs. It primarily serves the OpenShift ecosystem. There is a security vulnerability in Red Hat Assisted-Service. This vulnerability arises from writing the original key conten...

Astra Linux - уязвимость в krb5

The file “lib/kadm5/kadmrpcxdr.c” in MIT Kerberos 5 also known as krb5 before versions 1.20.2 and 1.21.x before version 1.21.1 exposes an uninitialized pointer. A remotely authenticated user can cause a Kadmind crash. This occurs because the function xdrkadm5principalentrec does not validate the...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext The key information in wext.connect is not reset upon reconnection, and it may retain data from a previous connection. Resetting the key data prevents drivers or mac80211 from incorrect...

JLSEC-2026-92

lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 aka krb5 before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because xdrkadm5principalentrec does not validate the relationship between nkeydata and the keydata array...

Linux Distros Unpatched Vulnerability : CVE-2026-23143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtionet: Fix misalignment bug in struct virtnetinfo Use the new TRAILINGOVERLAP helper to fix a misalignment bug along with the following warning:...

CVE-2026-23143

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix misalignment bug in struct virtnetinfo Use the new TRAILINGOVERLAP helper to fix a misalignment bug along with the following warning: drivers/net/virtionet.c:429:46: warning: structure containing a flexible array...

UBUNTU-CVE-2026-23143

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix misalignment bug in struct virtnetinfo Use the new TRAILINGOVERLAP helper to fix a misalignment bug along with the following warning: drivers/net/virtionet.c:429:46: warning: structure containing a flexible array...

PT-2026-8138

In the Linux kernel, the following vulnerability has been resolved: virtio net: Fix misalignment bug in struct virtnet info Use the new TRAILING OVERLAP helper to fix a misalignment bug along with the following warning: drivers/net/virtio net.c:429:46: warning: structure containing a flexible arr...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000858 advisory. security/keys/bigkey.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allow...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992195)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992195 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on...

📄 libxslt Key Data Storage 1.1.38 Use-After-Free / Memory Corruption

libxslt Key Data Storage version 1.1.38 suffers from an improper handling of Result Value Trees RVTs when evaluating XSLT keys that can result in memory corruption...

Malicious code in unix-web-export-key-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d60838cb059ad234ae83460587017a2a0124557f3c34684256b7ffcf37b12d3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175816

Malicious code in unix-web-export-key-data npm...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990423)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990423 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

CVE-2025-11203

LiteLLM Information health APIKEY Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LiteLLM. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the...

SUSE-SU-2025:20892-1 Security update for libxslt

This update for libxslt fixes the following issues: - CVE-2025-11731: type confusion in exsltFuncResultCompfunction leading to denial of service bsc1251979 - CVE-2025-10911: use-after-free with key data stored cross-RVT bsc1250553...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-11731: type confusion in exsltFuncResultCompfunction leading to denial of service bsc1251979 CVE-2025-10911: use-after-free with key data stored cross-RVT bsc1250553 Patch Instructions: To install this SUSE update use the SUSE recommend...

JLSEC-2025-92 GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information fr...

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are met, allows signature forgery via injection into the status line...

EUVD-2019-0065

Malware in sbrugna...

EUVD-2011-0042

Malware in sbrugna...