Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed handling of connection failures In cases where immediate MPA Memory-Purposed Allocation request processing fails, the newly created endpoint unlinks from the listening endpoint and becomes ready to be dropped. Thi...

Wireshark 2.2.x < 2.2.11 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.11 advisory. - In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in...

Wireshark 2.2.x < 2.2.11 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.11 advisory. - In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was...

EUVD-2007-3647

Malware in sbrugna...

EUVD-2025-27180

Malicious code in bioql PyPI...

CVE-2025-58752

A path traversal / static-file serving bypass vulnerability has been identified in Vite’s static file server, where HTML files located outside the configured root or deny/allow lists may be served even when server.fs settings such as deny are used. An attacker can exploit this by requesting HTML...

GHSA-JQFW-VQ24-V9C3 Vite's `server.fs` settings were not applied to HTML files

Summary Any HTML files on the machine were served regardless of the server.fs settings. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - appType: 'spa' default or appType: 'mpa' i...

CVE-2025-58752

Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the server.fs settings. Only apps that explicitly expose the Vite dev server to the network using --host or server.host config option and...

PT-2025-36529

Name of the Vulnerable Software and Affected Versions: Vite versions prior to 7.1.5 Vite versions prior to 7.0.7 Vite versions prior to 6.3.6 Vite versions prior to 5.4.20 Description: Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML...

Malicious code in @zalastax/nolb-mpa (npm)

The package @zalastax/nolb-mpa was found to contain malicious code...

MAL-2025-12401 Malicious code in @zalastax/nolb-mpa (npm)

The package @zalastax/nolb-mpa was found to contain malicious code...

SUSE CVE-2022-50136

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

UBUNTU-CVE-2022-50136

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

CVE-2022-50136 RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from siwrecvmparr not properly handling MPA replies, which could lead to duplicate event reports...

Malicious code in client-mpa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 104583f4b439c932e7387c37cb7abdc91c85df2d7b7825c23a2e354f348e1932 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11955 Malicious code in client-mpa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 104583f4b439c932e7387c37cb7abdc91c85df2d7b7825c23a2e354f348e1932 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-52513

A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siwcmworkhandler function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be...

DEBIAN-CVE-2023-52513

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...

CVE-2023-52513

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...