Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

PT-2026-36670

Name of the Vulnerable Software and Affected Versions Apache Polaris version 1.4.0 Description Apache Polaris fails to properly escape namespace and table identifiers when constructing Common Expression Language CEL strings for Google Cloud Storage GCS Credential Access Boundaries CAB. This allow...

SUSE CVE-2026-23403

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...

CVE-2026-23403

CVE-2026-23403 concerns the AppArmor memory leak in Linux kernel’s verify_header. The issue arises because a function sets *ns = NULL on every call, leaking the previously allocated namespace string across successive profile unpackings and causing namespace consistency checks to see NULL for *ns....

CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

EUVD-2025-201812

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

CVE-2025-66567 ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

CVE-2025-66567 ruby-saml has a SAML authentication bypass due to namespace handling (parser differential)

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

DEBIAN-CVE-2025-12863

A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...

EUVD-2025-38299

A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...

编号撤回

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A resource management error vulnerability exists in libxml2, which stems from an improper handling of namespace references in the xmlSetTreeDoc function,...

EUVD-2013-5712

Malware in sbrugna...

EUVD-2008-4047

Malware in sbrugna...

EUVD-2025-31047

Malicious code in bioql PyPI...

EUVD-2025-20942

Malicious code in bioql PyPI...

PT-2025-46752

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mnt ns release function. Specifically, a NULL pointer may be passed to this function when called from listmount. This can lead to issues when...

min-document vulnerable to prototype pollution

A vulnerability exists in the 'min-document' package prior to version 2.19.1, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...

GHSA-RX8G-88G5-QH64 min-document vulnerable to prototype pollution

A vulnerability exists in the 'min-document' package prior to version 2.19.1, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...

CVE-2025-57352

A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...

CVE-2025-57352

CVE-2025-57352 affects the min-document package prior to 2.19.0 and is a prototype pollution issue via removeAttributeNS, triggered by input involving proto . IBM confirms affected products in connected bulletins: IBM Business Automation Workflow (containers and traditional), IBM Concert Software...