14 matches found
CVE-2026-49486
The Apache Airflow FTP provider's FTPSHook.getconn created an ftplib.FTPTLS connection but never called protp, so although the control channel was TLS-protected the data channel was transmitted in cleartext. Any deployment using FTPSHook or FTPSFileTransmitOperator to move files over FTPS exposed...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tracepoint module. In this case, when funcadd fails, the matching unregfunc function is not...
CVE-2026-46089
A flaw was found in the Linux kernel's zram module. This vulnerability allows a local user to cause a system hang, leading to a Denial of Service DoS. The issue occurs because the zram module fails to properly handle partial discard requests, specifically by not calling endio when such requests a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to call fini when creating the execution queue, potentially leading to invalid memory...
kernel: Bluetooth: hci_event: call disconnect callback before deleting conn
A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service...
PT-2025-43094
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's USB gadget driver contains a memory leak in the raw gadget driver. Specifically, the raw dev-count is incremented before the raw queue event function is invoked. If ra...
PT-2025-38369
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel when using the debugfs lookup function. Failing to call dput on the result of debugfs lookup leads to a memory leak over time. The issue is...
Linux Distros Unpatched Vulnerability : CVE-2019-10064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hostapd before 2.6, in EAP mode, makes calls to the rand and random standard library functions without any preceding srand or srandom call, which results in...
UBUNTU-CVE-2022-48722
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154xmitcomplete helper is not called. Only ieee802154wakequeue is called manually. We then leak the skb structure. Free the skb structure upon error before returni...
CVE-2021-47419
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly cancel timer from tapriodestroy There is a comment in qdisccreate about us not calling ops-reset in some cases. errout4: / Any broken qdiscs that would require a ops-reset here? The qdisc was never ...
Mozilla: Use-after-free in Garbage Collection
The Mozilla Foundation Security Advisory describes this flaw as: The garbage collector could have been aborted in several states and zones and GCRuntime::finishCollection may not have been called, leading to a use-after-free and potentially exploitable crash...
UBUNTU-CVE-2022-3078
An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtvs302m.c...
CVE-2021-45681
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...
libcap protection bypass
chdir is not called after chroot...