PT-2026-32350

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter x tables component where xt match and xt target structures registered with NFPROTO UNSPEC can be loaded by any protocol family via nft compat. When these...

EUVD-2020-28610

Malware in sbrugna...

EUVD-2022-3099

Malicious code in bioql PyPI...

Debian dla-4266 : distro-info-data - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4266 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4266-1 [email protected] https://www.debian.org/lts/security/...

CVE-2024-56760

In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pcimsisetupmsiirqs on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121...

CVE-2024-56760

The CVE-2024-56760 issue is a Linux kernel PCI/MSI handling bug where a lack of irqdomain on RISCV platforms triggered a bogus legacy fallback warning. The root cause is an incorrect legacy-mode check in the PCI MSI domain path; the fix updates pci_msi_domain_supports() to evaluate legacy mode an...

CVE-2024-56760 PCI/MSI: Handle lack of irqdomain gracefully

In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pcimsisetupmsiirqs on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121...

CVE-2024-26796 drivers: perf: ctr_get_width function for legacy is not defined

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: ctrgetwidth function for legacy is not defined With parameters CONFIGRISCVPMULEGACY=y and CONFIGRISCVPMUSBI=n linux kernel crashes when you try perf record: $ perf record ls 46.749286 Unable to handle kernel NULL...

SUSE CVE-2018-5382

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47...

CVE-2022-40705

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

SUSE-SU-2022:0727-1 Security update for libeconf, shadow and util-linux

This security update for libeconf, shadow and util-linux fix the following issues: libeconf: - Add libeconf to SLE-Module-Basesystem15-SP3 because needed by 'util-linux' and 'shadow' to fix autoyast handling of security related parameters bsc1192954, jscSLE-23384, jscSLE-23402 Issues fixed in...

Improper access control

VERSION NOT SUPPORTED WHEN ASSIGNED A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1...

CVE-2020-7485

VERSION NOT SUPPORTED WHEN ASSIGNED A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1...

Security Bulletin: IBM System Planning Tool for POWER processor-based systems (TESTING NOTIFICATION)

Summary IBM System Planning Tool for POWER processor-based systems Vulnerability Details Overview Download Releases Support Current version IBM System Planning Tool - Version 6.18.047.0 EXE, 192MB Important note for Symantec Endpoint Protection Users: In order to avoid problems with the download ...

Security Bulletin: Vulnerability in legacy component distributed in IBM Development Package for Apache Spark (CVE-2012-5783)

Summary The Jakarta Commons httpclient version 3.x is known to be vulnerable to SSL spoofing, and is included in the IBM Development Package for Apache Spark, primarily to provide legacy support for Hadoop 2.2. A patch is applied to Jakarta Commons httpclient version 3.1 to fix the vulnerability...

HPSBHF03513 rev.2 - HP PCs and Workstations running Windows and Linux with NVIDIA Graphics Driver, Local Denial of Service (DoS), Elevation of Privilege

Potential Security Impact Denial of Service DoS, elevation of privilege VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVIDIA Graphics Driver. The vulnerabilities could be locally exploited...

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow (2)

WU-IMAPd 20002001 - Partial Mailbox Attribute Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/4713/info Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in th...