69 matches found
EUVD-2024-37233
Malicious code in bioql PyPI...
Malicious code in @lbnqduy/potential-memory (npm)
The package @lbnqduy/potential-memory was found to contain malicious code...
MAL-2025-8338 Malicious code in @lbnqduy/potential-memory (npm)
The package @lbnqduy/potential-memory was found to contain malicious code...
CVE-2024-50167
CVE-2024-50167 involves the Linux kernel be2net memory path where be_xmit() can leak the skb when be_xmit_enqueue() fails, returning NETDEV_TX_OK without freeing resources. The fix adds dev_kfree_skb_any() to free the skb in that code path. Connected advisories confirm the issue is addressed in n...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
CVE-2022-48768
In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup kfree is missing on an error path to free the memory allocated by kstrdup: p = param = kstrdupdata-paramsi, GFPKERNEL; So it is better to free it via kfreep...
CVE-2022-48724
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...
CVE-2022-48669
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in paprgetattr buf is allocated in paprgetattr, and krealloc of buf could fail. We need to free the original buf in the case of failure...
MGASA-2024-0132 Updated php packages fix security vulnerabilities
Core: - Corrupted memory in destructor with weak references - GC does not scale well with a lot of objects created in destructor DOM: - Add some missing ZPP checks. - Fix potential memory leak in XPath evaluation results. FPM: - Fix incorrect check in fpmshmfree. Gettext: - Fixed sigabrt raised...
Updated php packages fix security vulnerabilities
Core: - Corrupted memory in destructor with weak references - GC does not scale well with a lot of objects created in destructor DOM: - Add some missing ZPP checks. - Fix potential memory leak in XPath evaluation results. FPM: - Fix incorrect check in fpmshmfree. Gettext: - Fixed sigabrt...
Memory Corruption
thunderbird is vulnerable to Memory Corruption.The vulnerability is due to improper handling of memory allocation or deallocation, It allows for potential memory corruption within the Firefox and Thunderbird applications, which could lead to the execution of arbitrary code by attackers...
Out-of-bounds Write
libzephyr.so is vulnerable to Out of Bounds Write. The vulnerability is due to insufficient bounds checks when filtering IDs in the canstm32removerxfilter, cannxps32removerxfilter, and mcp2515removerxfilter functions. This issue arises because these functions do not adequately verify that the...
Fedora 39 : caddy (2024-22b915e51a)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-22b915e51a advisory. Update to the latest upstream version, which includes a fix for CVE-2023-45142. https://github.com/caddyserver/caddy/releases/tag/v2.7.6 Tenable has extracte...
RHEL 8 : OpenShift Container Platform 4.12.48 (RHSA-2024:0489)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0489 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...
EulerOS Virtualization 2.9.0 : scipy (EulerOS-SA-2023-3108)
According to the versions of the scipy package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in PyFindObjects function...
Huawei EulerOS: Security Advisory for scipy (EulerOS-SA-2023-3454)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-45142
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...
openSUSE 15 Security Update : python-scipy (SUSE-SU-2023:2970-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2970-1 advisory. - CVE-2023-25399: Fixed minor refcounting issue in PyFindObjects bsc1213062. - CVE-2023-29824: Fixed use-after-free in PyFindObjects bsc1213137...