64 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 11 views

Astra Linux - vulnerability in tar

GNU Tar version 1.34 has a one-byte out-of-bounds read, which allows uninitialized memory to be used for a conditional jump. Exploitation to alter the control flow has not been demonstrated. The issue occurs in the from_header function of the list.c file, due to a V7 archive where...

CVSS 5.5 | AI score 6.7 | EPSS 0.00047
Exploits: 1 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: handle errors that nilfs_prepare_chunk may return. The patch series “nilfs2: fix issues with rename operations” addresses several issues. It fixes BUG_ON check failures reported by syzbot during rename operations, as wel...

CVSS 5.5 | AI score 6.4 | EPSS 0.00013
Exploits: 0 | References: 2

OSV
added 2026/04/29 1:21 p.m., 4 views

JLSEC-2026-342

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 4.1 | EPSS 0.00145
Exploits: 1 | References: 6

OSV
added 2026/04/24 1:16 p.m., 4 views

JLSEC-2026-184

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace...

CVSS 5.5 | AI score 6.1 | EPSS 0.00047
Exploits: 1 | References: 8

OSV
added 2026/04/14 1:10 p.m., 1 views

JLSEC-2026-111 Deno's --deny-write check does not prevent permission bypass

Summary: Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change the access atime and modification mtime times on the file stream resource even when the file is opened with read only permission...

CVSS 3.3 | AI score 5.7 | EPSS 0.00018
Exploits: 1 | References: 7

Tenable Nessus
added 2026/01/22 12:0 a.m., 0 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-57895)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57895 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting...

CVSS 5.5 | AI score 5.3 | EPSS 0.00029
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

openSUSE 16 Security Update : hawk2 (openSUSE-SU-2026:20025-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20025-1 advisory. - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds deterministic...

CVSS 7.5 | AI score 7.2 | EPSS 0.00346
Exploits: 0 | References: 8

OSV
added 2026/01/13 12:46 p.m., 0 views

SUSE-SU-2026:20091-1 Security update for hawk2

This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds deterministic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...

CVSS 7.5 | AI score 6.8 | EPSS 0.00346
Exploits: 0 | References: 7

OSV
added 2026/01/13 12:41 p.m., 1 views

OPENSUSE-SU-2026:20025-1 Security update for hawk2

This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds deterministic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...

CVSS 7.5 | AI score 6.9 | EPSS 0.00346
Exploits: 0 | References: 6

OSV
added 2025/10/08 12:37 a.m., 2 views

CVE-2025-61785 Deno's --deny-write check does not prevent permission bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change the access atime and modification mtim...

CVSS 3.3 | AI score 4.2 | EPSS 0.00018
Exploits: 1 | References: 7

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2007-1864

Malware in sbrugna...

CVSS 7.8 | AI score 7.3 | EPSS 0.01497
Exploits: 0 | References: 17

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-53798

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 7.3 | EPSS 0.00029
Exploits: 0 | References: 3

Microsoft CVE
added 2025/09/04 6:39 a.m., 2 views

HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow

...

CVSS 4.8 | AI score 7 | EPSS 0.00145
Exploits: 1

SUSE CVE
added 2025/06/27 11:25 p.m., 1 views

SUSE CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 3.7 | EPSS 0.00145
Exploits: 1 | References: 3

OSV
added 2025/06/27 3:15 a.m., 2 views

DEBIAN-CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 4.1 | EPSS 0.00145
Exploits: 1 | References: 1

OSV
added 2025/06/27 3:15 a.m., 4 views

AZL-64422 CVE-2025-6750 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 5.4 | EPSS 0.00145
Exploits: 1 | References: 1

OSV
added 2025/06/27 3:15 a.m., 0 views

UBUNTU-CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 5.2 | EPSS 0.00145
Exploits: 1 | References: 7

Microsoft CVE
added 2025/03/13 7:0 a.m., 0 views

ksmbd: set ATTR_CTIME flags when setting mtime

...

CVSS 5.5 | AI score 7.4 | EPSS 0.00029
Exploits: 0

OSV
added 2025/01/15 1:15 p.m., 1 views

AZL-55881 CVE-2024-57895 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime. David reported that the new warning from setattr_copy_mgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...

CVSS 5.5 | AI score 6.6 | EPSS 0.00029
Exploits: 0 | References: 1

OSV
added 2025/01/15 1:15 p.m., 0 views

AZL-55823 CVE-2024-57895 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime. David reported that the new warning from setattr_copy_mgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...

CVSS 5.5 | AI score 6.6 | EPSS 0.00029
Exploits: 0 | References: 1