
10037 matches found

Positive Technologies
added 2026/01/01 12:00 a.m. | 3 views

PT-2026-2929

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.20.1. Description: FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw due to a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread. This condition...

CVSS 9.8 | AI score 6.6 | EPSS 0.01922
Exploits 21 | References 132

Positive Technologies
added 2026/01/01 12:00 a.m. | 5 views

PT-2026-21767

Name of the Vulnerable Software and Affected Versions: Caddy versions prior to 2.11.1. Description: The path sanitization routine in Caddy's file matcher does not properly sanitize backslashes, potentially allowing bypass of path-related security protections. This issue affects users with specific...

CVSS 9.9 | AI score 5.4 | EPSS 0.27661
Exploits 44 | References 124

SUSE CVE
added 2025/12/31 12:26 a.m. | 1 view

SUSE CVE-2023-54306

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

CVSS 5.5 | AI score 6.5 | EPSS 0.0018
Exploits 0 | References 3

Patchstack
added 2025/12/31 12:00 a.m. | 8 views

WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability

WordPress Master Slider - Responsive Touch Slider plugin <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Master Slider versions <= 3.10.6...

CVSS 6.4 | AI score 8.4 | EPSS 0.00268
Exploits 0 | References 1 | Affected Software 1

EUVD
added 2025/12/30 3:30 p.m. | 2 views

EUVD-2023-60498

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

AI score 5.9 | EPSS 0.0018
Exploits 0 | References 7

NVD
added 2025/12/30 1:16 p.m. | 3 views

CVE-2023-54306

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

EPSS 0.0018
Exploits 0 | References 6

UbuntuCve
added 2025/12/30 1:16 p.m. | 2 views

CVE-2023-54306

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

AI score 5.9 | EPSS 0.0018
Exploits 0 | References 8

OSV
added 2025/12/30 1:16 p.m. | 4 views

UBUNTU-CVE-2023-54306

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock. syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

AI score 5.7 | EPSS 0.0018
Exploits 0 | References 9

OSV
added 2025/12/30 12:11 p.m. | 6 views

CVE-2023-54242 block, bfq: Fix division by zero error on zero wsum

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by running as root: stress-...

AI score 6.4 | EPSS 0.00166
Exploits 0 | References 6

CVE
added 2025/12/30 12:11 p.m. | 9 views

CVE-2023-54214

CVE-2023-54214: Linux kernel Bluetooth L2CAP fix for a use-after-free involving alloc_skb that could release and reacquire the chan lock, potentially causing the channel to disconnect. The vulnerability is addressed by the kernel patch, with advisories from SUSE (SUSE-SU-2026:0316/0317) noting th...

AI score 6.2 | EPSS 0.00177
Exploits 0 | References 8

CNNVD
added 2025/12/30 12:00 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of post-release reuse of Bluetooth L2CAP...

AI score 6.1 | EPSS 0.00177
Exploits 0 | References 9

UbuntuCve
added 2025/12/24 1:16 p.m. | 1 view

CVE-2023-54114

In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment(). As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not...

AI score 5.8 | EPSS 0.00184
Exploits 0 | References 9

EUVD
added 2025/12/24 12:30 p.m. | 1 view

EUVD-2025-205106

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdev_issue_zero_pages. Move the fatal signal check before bio_alloc() to prevent a memory leak when BLKDEV_ZERO_KILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

AI score 6.2 | EPSS 0.00168
Exploits 0 | References 5

NVD
added 2025/12/24 11:15 a.m. | 6 views

CVE-2025-68348

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdev_issue_zero_pages. Move the fatal signal check before bio_alloc() to prevent a memory leak when BLKDEV_ZERO_KILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

EPSS 0.00168
Exploits 0 | References 4

Positive Technologies
added 2025/12/24 12:00 a.m. | 10 views

PT-2025-53191

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.0-next-20230505 1. Description: The issue lies within the network stack, specifically in the handling of Network Namespace Segmentation (NSH) with Generic Segmentation Offload (GSO). A flaw in the nsh gso segment...

CVSS 7.8 | AI score 7 | EPSS 0.00465
Exploits 2 | References 845

NVD
added 2025/12/23 9:15 p.m. | 5 views

CVE-2025-11419

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable...

CVSS 7.5 | EPSS 0.00656
Exploits 0 | References 8

EUVD
added 2025/12/23 8:42 p.m. | 3 views

EUVD-2025-36356

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable...

CVSS 7.5 | AI score 5.7 | EPSS 0.00656
Exploits 0 | References 9

Cvelist
added 2025/12/23 8:42 p.m. | 27 views

CVE-2025-11419 Keycloak: keycloak tls client-initiated renegotiation denial of service

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable...

CVSS 7.5 | EPSS 0.00656
Exploits 0 | References 8

CNNVD
added 2025/12/23 12:00 a.m. | 5 views

Keycloak security vulnerability

Keycloak is an open source identity and access management solution from Keycloak Open Source. A security vulnerability exists in Keycloak that stems from an unrestricted TLS 1.2 client renegotiation request that could result in a denial of service...

CVSS 7.5 | AI score 6.4 | EPSS 0.00656
Exploits 0 | References 7

Tenable Nessus
added 2025/12/23 12:00 a.m. | 9 views

RockyLinux 9 : kernel (RLSA-2025:23241)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23241 advisory. kernel: clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499); kernel: iommufd: Fix race during abort for file...

CVSS 7 | AI score 7 | EPSS 0.00162
Exploits 0 | References 7