EUVD-2026-35118

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly freeing the descriptor in msgdmafreedescriptor. The call listdel in msgdmachandesccleanup should be replaced with msgdmafreedescriptor. Consequently, listaddtail should be replaced with...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of lists within the MGMT command completion function. This vulnerability may le...

Tenda A18 Pro 安全漏洞

The Tenda A18 Pro is a wireless signal extender produced by the Chinese company Tenda. Version 02.03.02.28 of the Tenda A18 Pro contains a security vulnerability. This vulnerability stems from a stack buffer overflow issue in the fromSetIpMacBind function within the file /goform/SetIpMacBind,...

Tenda A21 安全漏洞

The Tenda A21 is a wireless signal extender produced by the Chinese company Tenda. Version 1.0.0.0 of the Tenda A21 contains a security vulnerability. This vulnerability stems from the fromSetIpMacBind function in the/goform/SetIpMacBind file, where an stack buffer overflow occurs due to improper...

openSUSE 15 Security Update : python39 (SUSE-SU-2025:4433-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4433-1 advisory. Update to 3.9.25: - Security - gh-137836: Add support of the plaintext element, RAWTEXT elements xmp, iframe, noembed and noframes, and optionally RAWTEXT...

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

UBUNTU-CVE-2022-50484

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at th...

EUVD-2022-27243

Malicious code in bioql PyPI...

EUVD-2025-20797

Malicious code in bioql PyPI...

EUVD-2024-40255

Malicious code in bioql PyPI...

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

CVE-2025-39853

CVE-2025-39853 affects the Linux kernel i40e driver. The issue arises when the MAC list is empty, as list_first_entry() can return a pointer to an invalid object, risking invalid memory access upon use. The advisory notes the fix is to replace list_first_entry() with list_first_entry_or_null(), p...

CVE-2025-38264

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

DEBIAN-CVE-2025-38264

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

AZL-70433 CVE-2025-38264 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

CVE-2025-38264 nvme-tcp: sanitize request list handling

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

CVE-2025-38197

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dellrbu: Fix list usage Pass the correct list head to listforeachentry when looping through the packet list. Without this patch, reading the packet data via sysfs will show the data incorrectly because it starts at...

CVE-2025-38197

CVE-2025-38197 affects the Linux kernel (platform/x86: dell_rbu). The root cause is using the wrong list head with list_for_each_entry*() when iterating the packet list, causing incorrect packet data reads via sysfs and a NULL pointer dereference when clearing the list. A patch fixes the issue by...

CVE-2025-38092

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...