23 matches found
SUSE-SU-2026:21757-1 Security update for libarchive
This update for libarchive fixes the following issues - CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop and DoS bsc1259635. - CVE-2026-4424: 257-byte heap memory leak when processing a 170-byte RAR3 bsc1259928. - CVE-2026-4426:...
EUVD-2023-50564
Malicious code in bioql PyPI...
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
...
SUSE CVE-2025-38074
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...
DEBIAN-CVE-2025-38074
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...
UBUNTU-CVE-2025-38074
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE=csmartenergyswgroups in the web...
PT-2025-25848
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, specifically in the vhost-scsi completion path. The issue arises when the vhost-scsi completion path accesses vq-log base while...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on October 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-303-01 Siemens InterMesh Subscriber Devices ICSA-24-303-02 Solar-Log Base 15...
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
Cross site scripting
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
CVE-2023-46344
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...
SUSE CVE-2020-10722
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption...
DPDK Input Validation Error Vulnerability
DPDK is a data plane development kit for Linux-based platforms. It supports the execution of packet processing on multiple CPU architectures. An input validation error vulnerability exists in vhostusersetlogbase in DPDK version 18.05 and later. An attacker could exploit this vulnerability to caus...