25 matches found
DEBIAN-CVE-2026-8829
HTML::Entities versions before 3.84 for Perl read freed heap memory in decode_entities. The XS routine backing HTML::Entities::decode_entities cached a pointer repl into the entity-value SV returned by hv_fetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...
uutils coreutils's User Interface (UI) Misrepresents Critical Information
The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleadi...
MiracleLinux 9 : java-21-openjdk-21.0.3.0.9-1.el9.ML.1 (AXSA:2024-7714:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7714:08 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...
CVE-2025-15079
When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...
EUVD-2020-21746
Malware in sbrugna...
EUVD-2022-48755
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-29373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a...
UBUNTU-CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2023-32390
The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup...
CVE-2023-53095
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix a NULL pointer dereference The LRU mechanism may look up a resource in the process of being removed from an object. The locking rules here are a bit unclear but it looks currently like res->bo assignment is protected ...
CVE-2025-37790 net: mctp: Set SOCK_RCU_FREE
In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup...
CVE-2025-27791
CVE-2025-27791 affects Collabora Online (LibreOffice-based online office suite). A path traversal flaw exists in handling the WOPI CheckFileInfo BaseFileName field, allowing an attacker-supplied response from a malicious WOPI server to enable arbitrary file writes on the host where Collabora runs...
CVE-2025-32743
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to...
CVE-2025-0677
A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc may be called with a smaller...
DEBIAN-CVE-2025-21683
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF set before it was ESTABLISHED. In other...
SUSE CVE-2005-0706
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service crash and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected...
USN-5764-1 u-boot vulnerabilities
It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...
Exim Resource Management Error Vulnerability
Exim is an open source messaging agent (MTA) that runs on Unix systems and is responsible for routing, forwarding and delivering mail. Exim suffers from a resource management error vulnerability that stems from a problem with the dmarc_dns_lookup function in the dmarc.c file in the DMARC Handler...
Red Hat OpenShift Code Issue Vulnerability
Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. A security vulnerability exists in log4j in Red Hat OpenShift, which stems from a portion of the JndiLookup.class file not being...
SUSE-SU-2021:0362-1 Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-2424 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem...