Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an oversight in AppArmor where the counter for each CPU’s cache holdings does not check for...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.312.b07-1.el7 (AXSA:2021-2489:11)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2489:11 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 9 : containernetworking-plugins-1.3.0-4.el9 (AXSA:2023-6651:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6651:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.312.b07-1.el8 (AXSA:2021-2491:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2491:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.231-2.6.19.1.AXS4 (AXSA:2019-3940:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3940:03 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

CVE-2022-42316

Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...

CVE-2021-27439

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tosmmheapalloc incorrect calculation of effective memory allocation size. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code...

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

Fulcio 安全漏洞

Fulcio is a certificate authority open-sourced by sigstore. A security vulnerability exists in Fulcio versions prior to 1.8.3, which stems from mishandling of the identity.extractIssuerURL function, which could lead to memory allocation issues...

EUVD-2009-1191

Malware in sbrugna...

EUVD-2005-0468

Malware in sbrugna...

EUVD-2018-3316

Malware in sbrugna...

EUVD-2015-1551

Malware in sbrugna...

EUVD-2013-3334

Malware in sbrugna...

EUVD-2013-3353

Malware in sbrugna...

EUVD-2020-26986

Malware in sbrugna...

EUVD-2021-14165

Malware in sbrugna...

EUVD-2024-31776

Malicious code in bioql PyPI...

EUVD-2021-9816

Malicious code in bioql PyPI...

CVE-2025-49832 Asterisk is Vulnerable to Remote DoS and possible RCE Attacks During Memory Allocation

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...