22 matches found
EUVD-2024-0854
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-0582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak flaw was found in the Linux kernel's iouring functionality in how a user registers a buffer ring with IORINGREGISTERPBUFRING, mmap it, and then...
CVE-2025-6199
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...
TencentOS Server 3: osbuild-composer (TSSA-2024:0523)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0523 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2022-0854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory fro...
Amazon Linux 2 : kernel (ALAS-2025-2752)
The version of kernel installed on the remote host is prior to 4.14.256-197.484. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2752 advisory. A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls...
PT-2024-2419 · Golang +4 · Golang +4
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: A memory leak flaw was found in Golang's RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.2 and iPadOS version 17.2, which stems from Processing a...
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6386-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6386-2 advisory. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from divisio...
CVE-2023-4569
A memory leak flaw was found in nftsetcatchallflush in net/netfilter/nftablesapi.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak...
Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6134-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6134-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
kernel: use-after-free related to leaf anon_vma double reuse
A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the ismergeableanonvma function continuously forks, using memory operations to trigger an incorrect reuse of leaf anonvma. This issue allows a local attacker to crash the system...
CVE-2023-0615
A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled...
CVE-2022-3619
A memory leak flaw was found in the Linux kernel’s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2caprecvacldata function. This flaw allows a local or bluetooth connection user to potentially crash the system. Mitigation To mitigate thes...
Rocky Linux 8 : kernel (RLSA-2022:1988)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1988 advisory. - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls...
MGASA-2022-0101 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...
MGASA-2021-0538 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without power-off,...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5162-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5162-1 advisory. Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some...
CVE-2020-25689
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where the host-controller tries to reconnect in a loop, generating new connections that are not properly closed while unable to connect to the domain controller. This flaw allows an attacker to cause an Out of memory OOM...