7455 matches found
kernel: ublk: make sure ubq->canceling is set when queue is frozen
In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq-canceling is set when queue is frozen Now ublk driver depends on ubq-canceling for deciding if the request can be dispatched via uringcmd & iouringcmdcompleteintask. Once ubq-canceling is set, the uringcmd can...
CVE-2025-66217 AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow
AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...
RDMA/hns: Fix double destruction of rsv_qp
...
SUSE CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
PT-2026-1250
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s netpoll functionality where a kernel warning can occur when netconsole setup fails on devices with the IFF DISABLE NETPOLL flag set. This warning aris...
CVE-2025-64330
A flaw was found in Suricata. This vulnerability allows a denial of service DoS via a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records, requiring the per packet alert queue to be filled with alerts followed by a pass rule...
CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
DEBIAN-CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
UBUNTU-CVE-2025-64330
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
EUVD-2025-199772
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
CVE-2025-64330 Suricata is vulnerable to a heap buffer overflow on verdict
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...
CVE-2025-64330
CVE-2025-64330 concerns Suricata, a network IDS/IPS engine. Prior to versions 7.0.13 and 8.0.2, a single-byte read heap overflow during verdict logging in eve.alert/eve.drop can cause crashes when the per-packet alert queue is saturated and a pass rule follows. The issue has been patched in 7.0.1...
USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
MAL-2025-191074 Malicious code in better-queue-nedb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba95c3245aa2713491b03e3bef1aaa75a05ffe517f1bf8625040fd0c465989c The package better-queue-nedb was found to contain malicious code. Source: ghsa-malware...
Malicious code in better-queue-nedb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba95c3245aa2713491b03e3bef1aaa75a05ffe517f1bf8625040fd0c465989c The package better-queue-nedb was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199165
Malicious code in better-queue-nedb npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7887-1 linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...