69 matches found
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: tun: limits the printing rate when an illegal packet is received by the tun device. vhost_worker calls tun callbacks to receive packets. If too many illegal packets arrive, tun_do_read continues to dump the packet contents. When...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.15
Red Hat OpenShift Service Mesh 2.6.15. This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013258)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013258 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013071)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013071 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. vhost_worker will call tun call...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007276)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007276 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. vhost_worker will call tun call...
GHSA-FV83-X2XW-2J55 vulnerabilities
Vulnerabilities for packages: malcontent, smarter-device-manager, grafana-operator, kubewatch, flux-image-reflector-controller, flux-source-controller, dbmate, smokescreen, temporal, flux-notification-controller, nova, omnibump, nodetaint, nfs-subdir-external-provisioner, ingress-nginx-controller...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gitlab-kas, mailpit, ctop, nats-top, kubernetes-dashboard-metrics-scraper, cert-exporter, mods, db-operator, promxy, nri-mysql, omnibump, openbao, spark-operator, custom-pod-autoscaler-operator, x509-certificate-exporter, conjur-cli, docker-machine-driver-harvester,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006774)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006774 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. vhost_worker will call tun call...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: gitlab-kas, minio-fips, boring-registry-fips, flannel-fips, promxy, kubernetes-csi-external-provisioner-fips, terraform-provider-databricks-fips, ko-fips, kiam, x509-certificate-exporter, dcgm-exporter, kapp-controller-fips, crossplane-provider-aws-route53, cloudbeat...
EUVD-2025-199434
Malicious code in @silgi/ratelimit npm...
Improper Control of Interaction Frequency
Overview: django-smart-ratelimit is a flexible and efficient rate limiting library for Django applications. Affected versions of this package are vulnerable to Improper Control of Interaction Frequency due to reliance on hard-coded static and media in the RateLimitMiddleware and the ratelimit...
CVE-2025-40034
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit(). When platform firmware supplies error information to the OS, e.g., via the ACPI APEI GHES mechanism, it may identify an error source device that doesn't advertise an AER...
EUVD-2025-36494
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit(). When platform firmware supplies error information to the OS, e.g., via the ACPI APEI GHES mechanism, it may identify an error source device that doesn't advertise an AER...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the aer_ratelimit function not checking if dev->aer_info is NULL, which could result in a null pointer...
Linux Distros Unpatched Vulnerability : CVE-2025-40034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit(). When platform firmware supplies erro...
ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
...
Improper Control of Interaction Frequency
Overview: django-smart-ratelimit is a flexible and efficient rate limiting library for Django applications. Affected versions of this package are vulnerable to Improper Control of Interaction Frequency via the counter.save function, which does not implement atomic increments. In the fixed-window backe...
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: direnv, nri-cassandra, ctop, cue, nri-memcached, kubernetes-dashboard-metrics-scraper, nri-redis, cert-exporter, tflint, secrets-store-csi-driver-provider-azure, helm-push, kine, nuclei, k8ssandra-operator, nri-mysql, runc, nodetaint, spark-operator, docker-cli, ytt,...
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: direnv, nri-cassandra, ctop, cue, nri-memcached, kubernetes-dashboard-metrics-scraper, nri-redis, cert-exporter, tflint, secrets-store-csi-driver-provider-azure, helm-push, kine, nuclei, k8ssandra-operator, nri-mysql, runc, nodetaint, spark-operator, docker-cli, ytt,...
Azure Linux 3.0 Security Update: kernel (CVE-2024-27013)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27013 advisory. - In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal...