Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: The block range must be validated before being used in ext4mbclearbb. The block range to be freed is validated in ext4freeblocks using ext4 inodeblockvalid, and then it is passed to ext4mbclearbb. However, in some situation...

GHSA-V25J-WQCW-FVHJ wger has an Uncontrolled Resource Consumption issue

Summary Any authenticated user can create a routine spanning an arbitrarily long date range e.g. 100 years and then trigger the datesequence computation via any of the routine detail endpoints. The server iterates once per day in an unbounded while loop with no maximum duration validation, causin...

PT-2026-37469

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the Integrity Measurement Architecture IMA measurement buffer passed from a previous kernel may fall outside the addressable RAM of a new kernel when the second-sta...

ROS-20260505-73-0077

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...

ROS-20260505-73-0079

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...

ROS-20260505-73-0078

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...

CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from insufficient range validation in the device.pair.approve method, which could lead to privilege escalati...

SUSE CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.22 had code vulnerabilities. These vulnerabilities stemmed from the incomplete validation of the IPv4 special-purpose range by the isPrivateIpv4 function, which could allow...

GO-2026-4578 openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References in github.com/openshift/openshift-apiserver

openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References in github.com/openshift/openshift-apiserver...

REVA 安全漏洞

REVA is an open-source data platform software developed by OpenCloud. Versions of REVA prior to 2.42.3 and 2.40.3 contained security vulnerabilities. These vulnerabilities were caused by a bypass in range validation of the GRPC authorization middleware, which could lead to the creation of archive...

PT-2026-5233

Name of the Vulnerable Software and Affected Versions soroban-sdk versions 22.0.9 through 25.0.1 soroban-sdk version 23.5.1 soroban-sdk version 25.0.2 Description The soroban-sdk contains an arithmetic overflow issue in the Bytes::slice, Vec::slice, and Prng::gen range for u64 methods. When...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56663)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56663 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211ATTRMLOLINKID...

CVE-2025-68819 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...

CVE-2023-54021

In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4mbnormalizerequest We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in ext4mbnormalizerequest. Besides we should assure goal start is in rang...

UBUNTU-CVE-2023-54021

In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4mbnormalizerequest We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in ext4mbnormalizerequest. Besides we should assure goal start is in rang...

CVE-2023-54021 ext4: set goal start correctly in ext4_mb_normalize_request

In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4mbnormalizerequest We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in ext4mbnormalizerequest. Besides we should assure goal start is in rang...

CVE-2023-54021

CVE-2023-54021 affects the Linux kernel ext4 subsystem. The vulnerability centers on ext4_mb_normalize_request: the code must use ac_g_ex (not ac_f_ex) to communicate the goal start to ext4_mb_find_by_goal, and verify that the goal start lies within the data block range [first_data_block, blocks_...

openshift-apiserver: SSRF via Missing IP/Network-Range Validation in User-Supplied Image References

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential Denial of Service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...