CVE-2025-11294

A vulnerability was detected in Belkin F9K1015 1.00.10. Affected by this issue is some unknown functionality of the file /goform/formL2TPSetup. The manipulation of the argument L2TPUserName results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-11294

The vulnerability CVE-2025-11294 affects Belkin F9K1015 firmware 1.00.10. It concerns the /goform/formL2TPSetup handler, where manipulating the L2TPUserName parameter triggers a buffer overflow. The issue can be exploited remotely and a public exploit is available. Multiple sources (NVD, Red Hat,...

tls: make sure to abort the stream if headers are bogus

...

CVE-2023-53586

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was added in commit 51ec502a3266 "target: Delete tmr from list before...

UBUNTU-CVE-2023-53542

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, which caused a kernel panic. Add the proper compatible...

EUVD-2025-32391

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

AZL-68141 CVE-2025-39946 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

UBUNTU-CVE-2025-39946

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

CVE-2025-39946 tls: make sure to abort the stream if headers are bogus

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

CVE-2025-39946 tls: make sure to abort the stream if headers are bogus

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...

CVE-2025-39946

CVE-2025-39946 affects the Linux kernel TLS/record parsing path. When a record header is bogus and data arrives in small chunks, tls_rx_msg_size() may not abort early enough, risking skb space overflow due to repeated partial parsing. The fixed behavior aborts the TLS stream as soon as an invalid...

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

RLSA-2025:10550 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: podman missing TLS verification CVE-2025-6032 For more details about the security...

RLSA-2025:7256 Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: crypto/tls: panic when processing post-handshake message on QUIC connections...

RockyLinux 10 : httpd (RLSA-2025:15095)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15095 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using T...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a TLS stream not aborting in time when an invalid record header is detected, potentially resulting in a buffer...

EUVD-2023-38116

Malicious code in bioql PyPI...

EUVD-2025-24865

Malicious code in bioql PyPI...

EUVD-2023-12275

Malicious code in bioql PyPI...

EUVD-2023-41991

Malicious code in bioql PyPI...