CVE-2026-43419

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...

CVE-2026-43252

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating this warning: WARNING: net/mptcp/pmkernel.c:1074 at marksubflowendpavailable net/mptcp/pmkernel.c:10...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities include several issues such as improper path management, memory management, and insufficient input validation, which could lead to unauthorized access to sensitive data, unexpected application terminations, and other...

EUVD-2010-1667

Malware in sbrugna...

The vulnerability of the FortiClient for MAC installer allows a perpetrator to execute arbitrary commands.

The vulnerability of the FortiClient for MAC installer is related to improper external management of the file name or path to the /tmp directory. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: For mptcp: pm: only marking ‘subflow’ endp as available. The following warning has been added: WARNONONCEmsk-pm.localaddrused == 0 Adding this warning before decrementing the localaddrused counter helped to identify a bug when...

CVE-2024-45010

...

The vulnerability of the single-input module in the LogPoint SAML Authentication application, related to improper external management of file names or paths, allows a malicious actor to delete any file and cause authentication failures when entering the system.

The vulnerability of the single-input module in the LogPoint SAML Authentication application is related to incorrect external management of file names or paths. Exploiting this vulnerability could allow a malicious actor to delete any desired file and cause authentication failures when logging in...

The vulnerability of the Tail-f High Availability Cluster Communications (HCC) functional package of the Cisco Network Services Orchestrator (NSO) software allows a perpetrator to execute arbitrary code with root privileges.

The vulnerability of the Tail-f High Availability Cluster Communications HCC functional package of the Cisco Network Services Orchestrator NSO software is related to improper external management of file names or paths. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

The vulnerability of the PowerScale OneFS operating system, related to incorrect external management of file names or paths, allows a attacker to trigger a service failure.

The vulnerability of the PowerScale OneFS operating system is related to improper external management of file names or file paths. Exploiting this vulnerability can allow an attacker to cause a service failure...