EUVD-2025-2636

Malicious code in bioql PyPI...

EUVD-2021-9847

Malicious code in bioql PyPI...

EUVD-2023-46971

Malicious code in bioql PyPI...

EUVD-2021-34149

Malicious code in bioql PyPI...

SUSE CVE-2025-11207

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-10847

DX Unified Infrastructure Management Nimsoft/UIM and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...

CVE-2025-10847 DX UIM Probe Improper ACL Handling RCE

DX Unified Infrastructure Management Nimsoft/UIM and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVE-2025-9230 Out-of-bounds read & write in RFC 3211 KEK Unwrap

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

Linux Distros Unpatched Vulnerability : CVE-2025-39839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct...

CVE-2025-39880 libceph: fix invalid accesses to ceph_connection_v1_info

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

batman-adv: fix OOB read/write in network-coding decode

...

AZL-67514 CVE-2025-39839 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

CVE-2025-39839 batman-adv: fix OOB read/write in network-coding decode

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

CVE-2025-56869

Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in...

CVE-2022-50374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...

DEBIAN-CVE-2022-50291

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. We do the same for kcm-rxwait in the following patch. syzbot reported: BUG: KCSAN: data-race in...

CVE-2022-50265

CVE-2022-50265 pertains to the Linux kernel and concerns data races in the kernel crypto/messaging flow involving kcm->rx_wait and kcm->rx_psock. The description states that kcm->rx_psock can be read locklessly in kcm_rfree(), and the issue was mitigated by annotating the corresponding r...

CVE-2025-50892

The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...

Advisory ROSA-SA-2025-2977

software: chromium-browser-stable 138.0.7204.92 WASP: ROSA-CHROME unaffected versions = chromium-browser-stable-138.0.7204.92-1 affected versions chromium-browser-stable-138.0.7204.92-1 CVE-ID: CVE-2025-6554 BDU-ID: 2025-07783 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the JavaScript scrip...