Linux Distros Unpatched Vulnerability : CVE-2022-1055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free exists in the Linux Kernel in tcnewtfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged us...

SUSE CVE-2025-54996

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

BIT-LIBPHP-2025-6491 NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. before 8.4.10 when parsing XML data in SOAP extensions, overly large 2Gb XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server...

CVE-2025-54996

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

K000152944: libxslt vulnerability CVE-2025-24855, CVE-2024-55549

Security Advisory Description CVE-2025-24855 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and...

Linux Distros Unpatched Vulnerability : CVE-2025-37922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGESIZE A vmemmap altmap is a...

CVE-2025-54996

CVE-2025-54996 — OpenBao root namespace privilege escalation. OpenBao versions 2.3.1 and earlier allow accounts with access to highly-privileged identity entity systems in the root namespace to directly elevate scope to the root policy. The identity system can add policies that grant capabilities...

CVE-2025-54996

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

CVE-2025-54996 OpenBao Root Namespace Operator May Elevate Token Privileges

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

Linux Distros Unpatched Vulnerability : CVE-2023-30549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer 1.1.0 and...

OESA-2025-1964 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference...

Linux Distros Unpatched Vulnerability : CVE-2025-37959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Scrub packet on bpfredirectpeer When bpfredirectpeer is used to redirect packets to a device in another network namespace, the skb isn't scrubbed. That can...

Linux Distros Unpatched Vulnerability : CVE-2021-46912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: Make tcpallowedcongestioncontrol readonly in non-init netns Currently,...

Linux Distros Unpatched Vulnerability : CVE-2025-21884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: better track kernel sockets lifetime While kernel sockets are dismantled during...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

Linux Distros Unpatched Vulnerability : CVE-2017-15129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...