29007 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-48624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. (CVE-2022-48624) Note that Nessus relies on the presence of the package as...
dts-mall Security Vulnerability
dts-mall is a WeChat mini-program mall by the individual developer qiguliuxing. A security vulnerability exists in dts-mall version v0.0.1-SNAPSHOT, which stems from improper access control and could lead to authentication bypass...
NULL Pointer Dereference
MaterialX is vulnerable to NULL pointer dereference. The vulnerability is due to improper handling of shader node parsing in MTLX files, which allows an attacker to craft malicious files that can crash a target program...
CISA: Tribal Cybersecurity Grant Program FAQ
Learn more about the Tribal Cybersecurity Grant Program (TCGP), which assists eligible Tribal governments in addressing cybersecurity risks and threats to their information systems. CISA maintains this list of frequently asked questions (FAQs) for reference to address common questions about the program...
CISA: FY 2023 Tribal Cybersecurity Grant Program FAQs
This is the CISA FAQ for the Tribal Cybersecurity Grant Program (TCGP), which assists eligible Tribal governments in addressing cybersecurity risks and threats to their information systems...
SUSE CVE-2025-38502
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...
CVE-2025-38502 bpf: Fix oob access in cgroup local storage
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...
Linux Distros Unpatched Vulnerability : CVE-2022-49873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix wrong reg type conversion in release_reference() Some helper functions will allocate memory. To avoid memory leaks, the verifier requires the eBPF program...
Linux Distros Unpatched Vulnerability : CVE-2025-38192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6...
PT-2025-33344 · Seagate · Seagate Toolkit
Name of the Vulnerable Software and Affected Versions: Seagate Toolkit versions prior to 2.34.0.33 Description: The service executable path in Seagate Toolkit allows an attacker with administrator privileges to exploit a vulnerability. An attacker with write permissions to the root directory coul...
Dow’s 125-year legacy: Innovating with AI to secure a long future
Founded more than 125 years ago, Dow has demonstrated a commitment to leveraging science to make the world a better place. Today, Dow’s ambition to be the most innovative, inclusive, and sustainable materials science company is supported by a global security team dedicated to keeping employees,...
Linux Distros Unpatched Vulnerability : CVE-2018-18559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issu...
CVE-2025-8672
The CVE describes a TCC bypass in macOS GIMP where a bundled Python interpreter inherits the user’s TCC permissions granted to GIMP. With local access, an attacker can invoke this interpreter to run arbitrary commands and access files in privacy-protected folders without prompting the user, abusi...
PT-2025-32540 · Gimp · Gimp
Name of the Vulnerable Software and Affected Versions: GIMP versions prior to 3.1.4.2 Description: The macOS version of GIMP includes a Python interpreter that inherits Transparency, Consent, and Control (TCC) permissions granted to the main application. An attacker with local access can use this...
Linux Distros Unpatched Vulnerability : CVE-2022-50219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in compute_effective_progs Syzbot found a Use After Free bu...
Linux Distros Unpatched Vulnerability : CVE-2024-43837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT...
Linux Distros Unpatched Vulnerability : CVE-2021-47099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b veth: allow enabling...
Linux Distros Unpatched Vulnerability : CVE-2025-37963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means on...
CVE-2025-47807
A flaw was found in gstreamer1-plugins-base. The subparse plugin's subrip_unescape_formatting function contains a NULL pointer dereference when parsing a subtitle file, which can lead to a program crash. This vulnerability allows a local attacker to provide a specially crafted subtitle file, causin...