EUVD-2016-6209

Malware in sbrugna...

USN-7674-1: OpenJDK 11 vulnerabilities

It was discovered that the 2D component of OpenJDK 11 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

Oracle Linux 9 : kernel (ELSA-2025-9080)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9080 advisory. - Bluetooth: L2CAP: Fix corrupted list in hcichandel David Marlin RHEL-87890 CVE-2025-21969 - Bluetooth: L2CAP: Fix slab-use-after-free Read in...

CVE-2022-25722

Information exposure in DSP services due to improper handling of freeing memory...

CVE-2021-31617

In ASQ in Stormshield Network Security SNS 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution...

ROS-20250514-01

A vulnerability in the iiosimpledummytriggerh function of driver drivers/iio/dummy/iiosimpledummybuffer.c of the Linux kernel's IIO stub driver support is related to the use of an uninitialized resource. an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain...

USN-7483-1: OpenJDK 21 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : OpenJDK 17 vulnerabilities (USN-7482-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7482-1 advisory. Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An...

Ubuntu 24.04 LTS : QuickJS vulnerabilities (USN-7439-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7439-1 advisory. It was discovered that QuickJS could be forced to reference uninitialized memory in certain instances. An attacker could possibly use this issue to cause...

USN-7439-1: QuickJS vulnerabilities

It was discovered that QuickJS could be forced to reference uninitialized memory in certain instances. An attacker could possibly use this issue to cause QuickJS to crash, resulting in a denial of service, or execute arbitrary code. CVE-2023-48183 It was discovered that QuickJS incorrectly manage...

USN-7347-1: Netatalk vulnerabilities

It was discovered that Netatalk did not properly manage memory under certain circumstances. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2024-38439, CVE-2024-38440, CVE-2024-38441...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Netatalk vulnerabilities (USN-7347-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7347-1 advisory. It was discovered that Netatalk did not properly manage memory under certain circumstances. A...

Linux Distros Unpatched Vulnerability : CVE-2024-43888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: listlru: fix UAF for memory cgroup The memcgroupfromslabobj is supposed to be called und...

CentOS 9 : kernel-5.14.0-554.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-554.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores...

ROS-20250109-05

Vulnerability in Firefox ESR, Firefox web browsers and Thunderbird email client is related to errors in data type conversion due to enabled autorun private mode. data type conversion errors due to enabled private mode autorun. Exploitation of the vulnerability could allow an attacker acting...

USN-7173-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : EditorConfig vulnerabilities (USN-7168-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7168-1 advisory. It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An...

SUSE-SU-2024:4318-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-53095: smb: client: Fix use-after-free of network namespace bsc1233642. - CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. - CVE-2023-52920: bpf:...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-7109-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7109-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this...

USN-6992-2: Firefox regressions

USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...