3784 matches found
UBUNTU-CVE-2025-40063
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
EUVD-2025-36465
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
CVE-2025-40063
In CVE-2025-40063, the Linux kernel fixed a cryptographic component mismatch: crypto_acomp_streams and scomp_alg relied on alloc_ctx/free_ctx in the same order, but structure layout randomization could desynchronize their definitions. The fix removes a union from scomp_alg so both structures shar...
CVE-2025-40063 crypto: comp - Use same definition of context alloc and free ops
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inconsistent definitions of the allocctx and freectx operations, which could lead to problems with...
Open Redirect
Overview com.liferay:com.liferay.layout.admin.web is a portal for Liferay. Affected versions of this package are vulnerable to Open Redirect via the comliferaylayoutadminwebportletGroupPagesPortletredirect parameter in the EditLayoutMVCActionCommand class. Remediation Upgrade...
EUVD-2022-54559
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...
Malicious code in cms-layout-server (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48827 Malicious code in cms-layout-server (npm)
--- -= Per source details. Do not edit below this line.=-...
EUVD-2025-33732
Malicious code in vite-plugin-vue-layout npm...
Malicious code in vite-plugin-vue-layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dd0f0114d51acfaea5223d47aca72111de403cf5dbeb2fbff4b38345041765b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview vite-plugin-vue-layout is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2025-48310 Malicious code in vite-plugin-vue-layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dd0f0114d51acfaea5223d47aca72111de403cf5dbeb2fbff4b38345041765b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
Malicious code in frontend-layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd81764709c7d0f5174dd0a979519b3c85894302b3df75acedbf1de8500d3c07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-33610
Malicious code in frontend-layout npm...
MAL-2025-48279 Malicious code in frontend-layout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd81764709c7d0f5174dd0a979519b3c85894302b3df75acedbf1de8500d3c07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-44377
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Network File System Direct NFSD component. Specifically, the issue involves the handling of LAYOUTCOMMIT operations on FlexFiles layouts by pNFS...
RockyLinux 9 : firefox (RLSA-2025:16108)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:16108 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...
AlmaLinux 10 : firefox (ALSA-2025:16109)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16109 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...