121 matches found
Azure Linux 3.0 Security Update: libsndfile (CVE-2024-50612)
The version of libsndfile installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50612 advisory. - libsndfile through 1.2.2 has an oggvorbis.c vorbisanalysiswrote out-of-bounds read. CVE-2024-50612 Note...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001368)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001368 advisory. An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service slab out-of-bounds read and BUG can occur for a modified f2fs...
UBUNTU-CVE-2023-54245
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcacheflatread" Below is the backtrace of the issue: dumpbacktrace+0x0/0x4c8...
Linux Distros Unpatched Vulnerability : CVE-2022-50771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rcu: Fix thiscpuread lockdep warning in rcuforcequiescentstate Running rcutorture with non-zero fqsduration module parameter in a kernel built with...
EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-2478)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname,...
Alibaba Cloud Linux 3 : 0178: libssh (ALINUX3-SA-2025:0178)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0178 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-5318: A flaw was found in the libssh libra...
USB: gadget: Fix use-after-free Read in usb_udc_uevent()
...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989182)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989182 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG:...
CVE-2025-62493
CVE-2025-62493 affects the QuickJS engine, specifically the BigInt string conversion path (js_bigint_to_string1). The root cause is an off-by-one error in the calculation of the number of digits (n_digits) needed for the string representation, which can cause memory reads beyond the allocated Big...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986332 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in sndusbparseaudiointerface There may be a bad USB aud...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986719 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403readraw KASAN report out-of-bounds read as follows:...
EUVD-2025-29014
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from accessing an invalid offset field when resolving a back-reference to an inline extension followed by a pre-allocated extension,...
CVE-2025-39840 audit: fix out-of-bounds read in audit_compare_dname_path()
In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in auditcomparednamepath When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...
SUSE-SU-2025:03268-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer bsc1249191. - CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious serv...
EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2025-2169)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : RDMA/core: Silence oversized kvmalloc warningCVE-2025-37867 igb: revert rtnllock that causes deadlockCVE-2023-53060 bnxten: Avoid...
Linux Distros Unpatched Vulnerability : CVE-2018-14544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a...
PT-2025-44688
Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in Google Chrome that could allow attackers to impact the system. The issue is an out-of-bounds read within the V8 JavaScript engine. Microsoft Edge, being Chromium-based,...
ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
...
Linux Distros Unpatched Vulnerability : CVE-2019-16707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. CVE-2019-16707 Note that Nessus relies on the presence of the...