310 matches found
EUVD-2025-13055
Malicious code in bioql PyPI...
EUVD-2022-7133
Malicious code in bioql PyPI...
SUSE SLES12: cairo-devel / libcairo-gobject2 / libcairo-gobject2-32bit / etc (SUSE-SU-2025:03450-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03450-1 advisory. - CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 - CVE-2025-50422: Fix NULL pointer access in activeedgestotraps...
Security update for cairo
This update for cairo fixes the following issues: CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 CVE-2025-50422: Fix NULL pointer access in activeedgestotraps leading to crash in Poppler. bsc1247589 Patch Instructions: To install this SUSE update use the SUSE recommende...
CVE-2022-50459
CVE-2022-50459 affects the Linux kernel’s iSCSI TCP path (scsi: iscsi: iscsi_tcp) where a NULL pointer dereference can occur if a socket is freed while accessed via sysfs. Details describe the sequence: sock_hold() on struct sock, then sockfd_put() frees the socket, __sock_release() clears sock-&...
PT-2025-40144
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s iSCSI over TCP implementation. Specifically, a NULL pointer dereference can occur during socket access when freeing the socket concurrently with...
Advisory ROSA-SA-2025-3027
software: jasper 2.0.33 WASP: ROSA-CHROME unaffected versions = jasper-2.0.33-2 affected versions jasper-2.0.33-2 CVE-ID: CVE-2025-8835 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in JasPer before version 4.2.5 allows a crash due to null pointer dereferencing in the jasimagechclrspc...
Linux Distros Unpatched Vulnerability : CVE-2025-39887
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the...
CVE-2022-50406 iomap: iomap: fix memory corruption when recording errors during writeback
In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...
Linux Distros Unpatched Vulnerability : CVE-2023-53280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Remove unused nvmelswaitq wait queue System crash when qla2x00startspsp returns error code EGAIN and wakeup gets called for uninitialized wait...
SUSE CVE-2023-53280
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvmelswaitq wait queue System crash when qla2x00startspsp returns error code EGAIN and wakeup gets called for uninitialized wait queue sp-nvmelswaitq. qla2xxx 0000:37:00.1-2121:5: Returning existing...
Amazon Linux 2023 : gstreamer1-plugins-base, gstreamer1-plugins-base-devel, gstreamer1-plugins-base-tools (ALAS2023-2025-1184)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1184 advisory. In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash. CVE-2025-47806 In GStreamer through 1.26.1, th...
Linux Distros Unpatched Vulnerability : CVE-2025-38716
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfs: fix general protection fault in hfsfindinit The hfsfindinit method can trigger the crash if tree pointer is NULL: 45.746290 T9787 Oops: general protection...
OESA-2025-2112 aide security update
Security Fixes: A vulnerability was found in AIDE up to 0.19.1 and classified as problematic.Using CWE to declare the problem leads to CWE-117. The product does not neutralize or incorrectly neutralizes output that is written to logs.Impacted is integrity.Upgrading to version 0.19.2 eliminates th...
Linux Distros Unpatched Vulnerability : CVE-2018-1000099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack...
Linux Distros Unpatched Vulnerability : CVE-2025-38558
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Initialize frame- based format color matching descriptor Fix NULL pointer...
DEBIAN-CVE-2025-57767
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...
Linux Distros Unpatched Vulnerability : CVE-2020-13775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is...
Linux Distros Unpatched Vulnerability : CVE-2020-7711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects all versions of package github.com/russellhaering/goxmldsig. There is a crash on nil-pointer dereference caused by sending malformed XML signatures...
Linux Distros Unpatched Vulnerability : CVE-2025-47807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GStreamer through 1.26.1, the subparse plugin's subripunescapeformatting function may dereference a NULL pointer while parsing a subtitle file, leading to a...