14 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-33192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a...
CVE-2026-33192 free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with an empty supi path parameter...
free5GC Security Vulnerability
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.4.2 contained security vulnerabilities. These vulnerabilities stemmed from UDM’s improper handling of PATCH requests with empty supi path parameters. UDM incorrectly converted downstrea...
CVE-2025-12474 libjxl: Uninitialized memory read in decoder due to incorrect optimization in patch handling
A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in subsequent patches. An incorrect optimization causes the decoder to omit populating those areas...
CVE-2025-12474 libjxl: Uninitialized memory read in decoder due to incorrect optimization in patch handling
A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in subsequent patches. An incorrect optimization causes the decoder to omit populating those areas...
Use of Uninitialized Resource
Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource due to an uninitialized memory read in the decoder. An attacker can cause a denial of service by submitting specially crafted input that triggers the incorrect optimization in patch handling. Remediation...
CVE-2025-12474
The CVE describes a vulnerability in libjxl where a specially crafted file can cause the decoder to read pixel data from uninitialized memory, due to referencing an outside-image-bound area in later patches and an optimization that omits populating those areas. Several connected advisories confir...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989502 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In loaddata, make the validation of and skipping...
SUSE-SU-2024:0209-1 Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: - CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing. bsc1217649 Other fixes: - Streamline how patches are handled in the spec file of the package...
SUSE-SU-2024:0206-1 Security update for tomcat
This update for tomcat fixes the following issues: Security fixes: - CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing. bsc1217649 Other fixes: - Streamline how patches are handled in the spec file of the package...
MGASA-2023-0163 Updated git packages fix security vulnerability
By feeding specially crafted input to 'git apply --reject', a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch. CVE-2023-25652. When Git is compiled with runtime prefix support and runs without translated...
USN-2242-1 dpkg vulnerabilities
It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service...
MDVA-2010:035 : drakxtools
This update has fixes for pccard 3G modem detection and accumulated fix for handling hdX/sdX devices 53107. This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. (C) Tenable Network Security, Inc. This script...
openldap security update
2.3.43-12.1 - fixed segfault issues in modrdn 606375 - added patch handling null char in TLS to compat package 606375, patch backported by Jan Vcelak...