140 matches found
PT-2025-27514
Name of the Vulnerable Software and Affected Versions: ASR Falcon Linux versions prior to v1536 ASR Kestrel versions prior to v1536 ASR Lapwing Linux versions prior to v1536 Description: The issue is related to an Improper Resource Shutdown or Release, which allows Resource Leak Exposure. This is...
PT-2025-27511
Name of the Vulnerable Software and Affected Versions: ASR Falcon Linux versions prior to v1536 ASR Kestrel versions prior to v1536 ASR Lapwing Linux versions prior to v1536 Description: The issue is related to an Improper Resource Shutdown or Release, which allows Resource Leak Exposure. This is...
CVE-2025-24791
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
CVE-1999-0426
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing...
LibreOffice Improper Certificate Validation Vulnerability (Mar 2025) - Linux
LibreOffice is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: rtmutex: The rtmutex::waitlock function is dropped before scheduling. The rtmutexhandledeadlock function is called with the rtmutex::waitlock lock still held. In the good case, it returns with the lock held; in the deadlock case,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: greybus: lights: check return of getchannelfrommode If the channel for the given node is not found, we return null from getchannelfrommode. Make sure we validate the return pointer before using it in two of the missing places. Th...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will cause a divide by zero error in uartgetdivisor. The check for uartclk...
CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
CVE-2025-24791
CVE-2025-24791 affects snowflake-connector-nodejs (Snowflake NodeJS Driver) on Linux. The vulnerability allows bypassing file permissions checks for the temporary credential cache, exploitable by an attacker with write access to the local cache directory. Affected versions are 1.12.0 through 2.0....
BIT-NODE-MIN-2022-32222
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3...
Mouse cursor disappears in the double dop scenario
The mouse cursor disappears in certain double-hop scenarios or when using the VirtualBox client. There appears to be a bug in the VirtualBox client rendering of 32-bit color cursors, which causes the mouse cursor to disappear. Double-hop scenarios where CWA for Linux versions prior to 2309 and CW...
PT-2023-14039 · Intel · Intel Qat Driver For Linux
Name of the Vulnerable Software and Affected Versions: Intel QAT Driver for Linux versions prior to 1.7.l.4.12 Description: The issue is related to improper buffer restriction in the software, which may allow an authenticated user to potentially enable denial of service via local access...
IBM DB2 输入验证错误漏洞
IBM DB2 is a relational database management system from International Business Machines IBM. The system is implemented in UNIX, Linux, IBMi, z/OS, and Windows server versions. An input validation error vulnerability exists in IBM Db2, which stems from the possibility that the server may crash whe...
PT-2023-17355 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager Windows versions 2022.3.33.0 and prior Devolutions Remote Desktop Manager Linux versions 2022.3.2.0 and prior Description: The issue is related to a lack of access control for the OTP key on OTP entries in...
SUSE CVE-2005-0504
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...
SUSE CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
SUSE CVE-2015-3132
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execu...
SUSE CVE-2015-7647
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648...