66 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The ATTRCTIME flags were set when setting the mtime. David reported that the new warning from setattrcopymgtime appears as follows: 113.215316 ------------ Cut here ----------- 113.215974 WARNING: CPU: 1 PID: 31 at...
Astra Linux – Vulnerability in tar
GNU Tar version 1.34 has a one-byte out-of-bounds read operation, which allows for the use of uninitialized memory in a conditional jump. Exploitation to change the control flow of the program has not been demonstrated. The issue occurs in the fromheader section of the list.c file, due to a V7...
JLSEC-2026-342
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
JLSEC-2026-184
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...
JLSEC-2026-111 Deno's --deny-write check does not prevent permission bypass
Summary Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtime times on the file stream resource even when the file is opened with read only permission...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Handling of errors returned by nilfspreparechunk The patch series “nilfs2: fix issues with rename operations” addresses these issues. This series corrects BUGON check failures reported by syzbot during rename operation...
Azure Linux 3.0 Security Update: kernel (CVE-2024-57895)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57895 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTRCTIME flags when setting...
openSUSE 16 Security Update : hawk2 (openSUSE-SU-2026:20025-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20025-1 advisory. - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds determinitst...
SUSE-SU-2026:20091-1 Security update for hawk2
This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds determinitstic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...
OPENSUSE-SU-2026:20025-1 Security update for hawk2
This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds determinitstic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...
CVE-2025-61785 Deno's --deny-write check does not prevent permission bypass
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtim...
EUVD-2007-1864
Malware in sbrugna...
EUVD-2024-53798
Malicious code in bioql PyPI...
HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
...
SUSE CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
AZL-64422 CVE-2025-6750 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
DEBIAN-CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
UBUNTU-CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
ksmbd: set ATTR_CTIME flags when setting mtime
...
CVE-2024-57895
In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTRCTIME flags when setting mtime David reported that the new warning from setattrcopymgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...