CVE-2020-7135

A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant SPP releases 2018.06.0, 2018.09.0, and...

EUVD-2023-51342

Malicious code in bioql PyPI...

EUVD-2024-15895

Malicious code in bioql PyPI...

EUVD-2023-35358

Malicious code in bioql PyPI...

RLSA-2025:7478 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

CVE-2025-38621 md: make rdev_addable usable for rcu mode

In the Linux kernel, the following vulnerability has been resolved: md: make rdevaddable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

DLA-4178-1 linux - security update

Bulletin has no description...

CVE-2023-26034

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The blind SQL Injection vulnerability is present within the...

CVE-2023-26039

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl in /web/api/app/Controller/HostController.php. Any authenticated user can...

CVE-2023-26038

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion Untrusted Search Path vulnerability via web/ajax/modal.php, where an arbitrary php file path c...

CWAL 2311 | Failed to register YUBI key on VDA desktop

Failed to register Yubi Key in workspace app for Linux.http://webauthn.io/webauthn.io registration works and onlyhttps://webauthn.me/debuggerwebauthn.me site registration fail...

PandoraFMS 7.0NG.772 - SQL Injection

Exploit Title: PandoraFMS 7.0NG.772 - SQL Injection Date: 21/11/2023 Exploit Author: Osama Yousef Vendor Homepage: https://pandorafms.com/ Software Link: https://github.com/pandorafms/pandorafms/releases/download/v772-LTS/pandorafmsagentlinux-7.0NG.772.tar.gz Version: v7.0NG.772 Tested on: Linux...

Azure Linux 3.0 Security Update: cert-manager / cf-cli / docker-buildx / docker-compose / kubernetes / kubevirt / moby-compose (CVE-2025-22869)

The version of cert-manager / cf-cli / docker-buildx / docker-compose / kubernetes / kubevirt / moby-compose installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22869 advisory. - SSH servers which...

DLA-4076-1 linux-6.1 - security update

Bulletin has no description...

SUSE-SU-2025:0659-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - Add a s390 specific ioctl for ECC hardware support bsc1225637: - for migration to openssh 8.4: write active/enabled switch over files only if n...

ROS-20240725-09

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to privilege management errors. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service A vulnerability in the NVIDIA GPU Display Driver for Linu...

DEBIAN-CVE-2023-47210

Improper input validation for some IntelR PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

CVE-2023-2794

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...

TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution Exploit

!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...

CVE-2023-50254 Deepin Reader RCE vulnerability due to a design flaw

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...