CVE-2026-33596

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

Authentication Bypass

GenieACS is vulnerable to Authentication Bypass. The vulnerability is due to missing authentication checks in the NBI API endpoint, which allows an attacker to access the API without proper authorization...

CVE-2026-0915 getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...

EUVD-2018-3731

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414402 advisory. network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs...

EUVD-2022-43003

Malicious code in bioql PyPI...

Malicious code in social-network-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89279e5bb7b18cd7f18b0018f976d1e055fbeb331245019a6c3e75796c3bf1e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:0775-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0775-1 advisory. - CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 - CVE-2024-9676:...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:0267-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0267-1 advisory. - CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause...

Security update for podman

This update for podman fixes the following issues: CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698 Load iptables and ip6tables kernel module bsc1214612 Required for rootless mode as a...

SUSE-SU-2025:0267-1 Security update for podman

This update for podman fixes the following issues: - CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698 - Load iptables and ip6tables kernel module bsc1214612 Required for rootless mode a...

Backend can crash Linux netfront

ISSUE DESCRIPTION After a suspend/resume cycle of a Linux guest e.g. via "virsh dompmsuspend"/ "virsh dompmwakeup" a malicious network backend can crash the guest via a NULL-pointer dereference in the guest's xen-netfront driver. During the resume operation the xen-netfront driver will release so...

USN-6726-3 linux-xilinx-zynqmp vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

USN-6726-2: Linux kernel (IoT) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

Ubuntu: Security Advisory (USN-6701-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6701-4 linux-azure vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

USN-6725-1: Linux kernel vulnerabilities

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service system crash or possibly...

USN-6724-1 linux, linux-aws, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-starfive, linux-starfive-6.5 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

Ubuntu: Security Advisory (USN-6701-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6701-2 linux-gcp, linux-gcp-4.15 vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...