
7468 matches found

NVD
added 2025/10/06 4:15 p.m. | 2 views

CVE-2025-61765

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

CVSS 6.4 | EPSS 0.00837
Exploits: 0 | References: 3
OSV
added 2025/10/06 4:15 p.m. | 0 views

UBUNTU-CVE-2025-61765

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

CVSS 6.4 | AI score 6.7 | EPSS 0.00837
Exploits: 0 | References: 4
Vulnrichment
added 2025/10/06 4:4 p.m. | 3 views

CVE-2025-61765 python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

CVSS 6.4 | AI score 8.1 | EPSS 0.00837
Exploits: 0 | References: 3
Cvelist
added 2025/10/06 4:4 p.m. | 8 views

CVE-2025-61765 python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

CVSS 6.4 | EPSS 0.00837
Exploits: 0 | References: 3
CVE
added 2025/10/06 4:4 p.m. | 18 views

CVE-2025-61765

CVE-2025-61765 affects the Python Socket.IO implementation (python-socketio) used for real-time client/server communications. The root cause is unsafe deserialization of messages via Python’s pickle.loads() when inter-server messaging uses a backend message queue (e.g., Redis). In multi-server de...

CVSS 6.4 | AI score 8.1 | EPSS 0.00837
Exploits: 0 | References: 3
OSV
added 2025/10/06 4:4 p.m. | 4 views

CVE-2025-61765 python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

CVSS 6.4 | AI score 8.1 | EPSS 0.00837
Exploits: 0 | References: 5
Cvelist
added 2025/10/06 6:50 a.m. | 5 views

CVE-2025-58581 Information Disclosure Through Stacktrace-/MQTT/Config/changeAll

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application...

CVSS 4.3 | EPSS 0.00083
Exploits: 0 | References: 6
Positive Technologies
added 2025/10/06 12:0 a.m. | 3 views

PT-2025-40909

Name of the Vulnerable Software and Affected Versions: python-socketio versions prior to 5.14.0. Description: python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution issue in python-socketio allows attackers to execute arbitrary Python code...

CVSS 6.4 | AI score 8.2 | EPSS 0.00837
Exploits: 0 | References: 22
SUSE CVE
added 2025/10/05 2:56 a.m. | 1 views

SUSE CVE-2023-53559

In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ip_vti devic...

CVSS 5.5 | AI score 6.5 | EPSS 0.00017
Exploits: 0 | References: 22
SUSE CVE
added 2025/10/05 2:56 a.m. | 3 views

SUSE CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit', shrink critical section in the latter by freeing...

CVSS 7 | AI score 6.5 | EPSS 0.0002
Exploits: 0 | References: 24
SUSE CVE
added 2025/10/05 2:56 a.m. | 1 views

SUSE CVE-2023-53576

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...

CVSS 5.5 | AI score 6.4 | EPSS 0.00017
Exploits: 0 | References: 5
SUSE CVE
added 2025/10/05 2:52 a.m. | 1 views

SUSE CVE-2025-39932

In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbd_destroy call disable_work_sync(&info->post_send_credits_work) In smbd_destroy we may destroy the memory so we better wait until post_send_credits_work is no longer pending and will never be started again. I actually just...

CVSS 5.5 | AI score 6.6 | EPSS 0.00013
Exploits: 0 | References: 3
OSV
added 2025/10/04 4:15 p.m. | 2 views

AZL-76770 CVE-2023-53574 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit', shrink critical section in the latter by freeing...

CVSS 5.5 | AI score 5.7 | EPSS 0.0002
Exploits: 0 | References: 1
NVD
added 2025/10/04 4:15 p.m. | 3 views

CVE-2023-53576

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...

CVSS 5.5 | EPSS 0.00017
Exploits: 0 | References: 5
NVD
added 2025/10/04 4:15 p.m. | 4 views

CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit', shrink critical section in the latter by freeing...

CVSS 5.5 | EPSS 0.0002
Exploits: 0 | References: 2
OSV
added 2025/10/04 4:15 p.m. | 0 views

UBUNTU-CVE-2023-53576

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...

CVSS 5.5 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 8
OSV
added 2025/10/04 4:15 p.m. | 2 views

UBUNTU-CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit', shrink critical section in the latter by freeing...

CVSS 5.5 | AI score 5.7 | EPSS 0.0002
Exploits: 0 | References: 5
OSV
added 2025/10/04 4:15 p.m. | 0 views

UBUNTU-CVE-2023-53539

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester the call to rxe_xmit_packet can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

CVSS 5.5 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 7
CVE
added 2025/10/04 3:17 p.m. | 12 views

CVE-2023-53576

CVE-2023-53576 affects the Linux kernel’s null_blk driver. The patch ensures queue mode is always validated from configfs by checking queue_mode in null_validate_conf() and returning an error for NULL_Q_RQ to prevent a NULL I/O path OOPs when queue_mode is set to 1. Reproduction steps are provide...

CVSS 5.5 | AI score 6 | EPSS 0.00017
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2025/10/04 3:17 p.m. | 2 views

CVE-2023-53576 null_blk: Always check queue mode setting from configfs

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...

CVSS 5.5 | AI score 6.3 | EPSS 0.00017
Exploits: 0 | References: 8