1153 matches found

Vulnrichment
added 2025/04/16 2:11 p.m. | 3 views

CVE-2025-22027 media: streamzap: fix race between device disconnection and urb callback

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback. Syzkaller has reported a general protection fault at function ir_raw_event_store_with_filter(). This crash is caused by a NULL pointer dereference of dev->raw...

7.4 AI score | 0.00084 EPSS
Exploits: 0 | References: 8
Imperva Blog
added 2025/04/09 1:34 p.m. | 9 views

The Database Kill Chain

Cyber Threat Modeling Frameworks: Modern attacks targeting sensitive data have become complex. An organization with many assets might be lost when trying to assess its overall risk, understand the pain points and prioritize the tasks required to secure its information systems. Cyber threat modelin...

8 AI score
Exploits: 0
OSV
added 2025/04/03 8:15 a.m. | 1 views

DEBIAN-CVE-2025-21995

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix fence reference count leak. The last_scheduled fence leaks when an entity is being killed and adding the cleanup callback fails. Decrement the reference count of prev when dma_fence_add_callback() fails, ensuring proper...

5.5 CVSS | 5.6 AI score | 0.00026 EPSS
Exploits: 0 | References: 1
CVE
added 2025/03/31 4:22 p.m. | 57 views

CVE-2025-2794

CVE-2025-2794 describes an unsafe reflection vulnerability in Kentico Xperience (affecting Xperience up to and including version 13.0.180). An unauthenticated attacker can trigger the vulnerability to terminate the current process, resulting in a Denial-of-Service condition. The issue is rooted i...

8.7 CVSS | 7.5 AI score | 0.00542 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Tenable Nessus
added 2025/03/06 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-9676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-...

6.5 CVSS | 6.9 AI score | 0.01561 EPSS
Exploits: 0 | References: 4
OSV
added 2025/02/26 7:1 a.m. | 1 views

DEBIAN-CVE-2022-49505

In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev->rfkill to prevent UAF. Commit 3e3b5dfcd16a ("NFC: reorder the logic in nfc_{un,}register_device") assumes the device_is_registered() in function nfc_dev_up() will help to check when the rfkill is unregistered. However, thi...

7.8 CVSS | 5.7 AI score | 0.00014 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2025/01/01 12:0 a.m. | 2 views

PT-2025-49782

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the drm/sched subsystem related to a potential deadlock within the drm_sched_entity_kill_jobs_cb function. The issue arises when handling dependencies...

4.4 CVSS | 5.6 AI score | 0.00036 EPSS
Exploits: 0
Positive Technologies
added 2025/01/01 12:0 a.m. | 3 views

PT-2026-20439

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the handling of sb->s_fs_info within the HFS filesystem code. A memory leak could occur during the superblock allocation process when...

7.8 CVSS | 5.2 AI score | 0.00765 EPSS
Exploits: 1 | References: 47
SUSE CVE
added 2024/11/22 3:49 a.m. | 2 views

SUSE CVE-2024-52595

lxml_html_clean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...

7.7 CVSS | 5.9 AI score | 0.005 EPSS
Exploits: 0 | References: 3
OSV
added 2024/11/19 10:15 p.m. | 2 views

DEBIAN-CVE-2024-52595

lxml_html_clean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...

6.1 CVSS | 5.2 AI score | 0.005 EPSS
Exploits: 0 | References: 1
PyPA
added 2024/11/19 10:15 p.m. | 6 views

PYSEC-2024-160

lxml_html_clean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as , and . This behavior deviates from how web browsers parse and interpret such tags...

7.7 CVSS | 5.8 AI score | 0.005 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2024/11/18 4:15 a.m. | 3 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

7.5 CVSS | 6.8 AI score
Exploits: 0 | References: 2
NVD
added 2024/11/18 4:15 a.m. | 17 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

7.5 CVSS | 0.00162 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2024/11/18 12:0 a.m. | 13 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

6.9 AI score | 0.00162 EPSS
Exploits: 0 | References: 2
Cvelist
added 2024/11/18 12:0 a.m. | 17 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

0.00162 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2024/11/12 9:27 a.m. | 2 views

cockpit: Authenticated user can kill any process when enabling pam_env's user_readenv option

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack...

3.2 CVSS | 5.7 AI score | 0.00018 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2024/11/12 9:27 a.m. | 12 views

Low: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

3.2 CVSS | 5.8 AI score | 0.00018 EPSS
Exploits: 0 | References: 6
RedHat Linux
added 2024/11/12 9:11 a.m. | 1 views

kernel: RDMA/irdma: Fix KASAN issue with tasklet

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet. KASAN testing revealed the following issue associated with freeing an IRQ. 50006.466686 Call Trace: 50006.466691 50006.489538 dump_stack+0x5c/0x80 50006.493475...

5.5 CVSS | 6.8 AI score | 0.00016 EPSS
Exploits: 0 | References: 5
RedHat Linux
added 2024/11/08 3:4 p.m. | 1 views

Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace...

6.5 CVSS | 5.8 AI score | 0.01561 EPSS
Exploits: 0 | References: 6
The Hacker News
added 2024/11/08 2:2 p.m. | 96 views

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...

10 CVSS | 10 AI score | 0.94461 EPSS
Exploits: 358