85 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Added a sentinel to the quirks table. The current driver lacks a sentinel in the struct soc_device_attribute array, which causes a buffer overflow error when the soc_device_match(mt7621_pcie_quirks_match) function is called...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3-its: Quirk probing for ACPI-based systems has been restored. While refactoring the way ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems like HIP07 lose...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fixed array out-of-bounds access. In order to use toshiba_dmi_quirks together with the standard DMI-related functions, it is necessary to end the list with an empty entry. Since this entry is missing, an...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table. By fixing soc_dev_attr to register the SOC as a device, the kernel will encounter an oops in soc_device_match_attr. This quirks test was introduced in the staging driver in t...
OESA-2026-2679 python-webob security update
WebOb provides wrappers around the WSGI request environment, and an object to help create WSGI responses. The objects map much of the specified behavior of HTTP, including header parsing and accessors for other standard parts of the environment. Security Fixes: Impact When WebOb normalizes the HT...
ROS-20260323-73-0021
A vulnerability in the quirks component of the Linux operating system kernel is related to a violation of expected behavior. Exploitation of the vulnerability allows an attacker to cause a denial of service...
Fedora 42 : webkitgtk (2025-3e5ba4315a)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3e5ba4315a advisory. Correctly handle the program name passed to the sleep disabler. Ensure GStreamer is initialized before using the Quirks. Fix several crashes and...
Fedora 43 : webkitgtk (2025-96a708ea95)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-96a708ea95 advisory. Correctly handle the program name passed to the sleep disabler. Ensure GStreamer is initialized before using the Quirks. Fix several crashes and...
kernel security update
5.14.0-570.62.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
CVE-2025-64108 Cursor's Sensitive File Modification can Lead to NTFS Path Quirks
Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected fil...
PT-2025-45062
Name of the Vulnerable Software and Affected Versions: Cursor versions 1.7.44 and below. Description: Cursor, a code editor for programming with AI, has an issue where NTFS path quirks can be exploited by an attacker to bypass file protections and overwrite files that normally require user...
kernel security update
5.14.0-570.58.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
Oracle Linux 10 : kernel (ELSA-2025-17396)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-17396 advisory. 6.12.0-55.38.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...
EUVD-2025-6214
Malicious code in bioql PyPI...
EUVD-2023-59896
Malicious code in bioql PyPI...
Oracle Linux 10 : kernel (ELSA-2025-16904)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16904 advisory. 6.12.0-55.37.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug:...
CVE-2023-53293 Bluetooth: btrtl: check for NULL in btrtl_set_quirks()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_set_quirks(). btrtl_set_quirks() has accessed btrtl_dev->ic_info->lmp_subver since b8e482d02513. However, if installing a Realtek Bluetooth controller without the driver supported, it will hit the...
CVE-2023-53293
Removed by vendor...