2512 matches found
CVE-2025-55201 Copier safe template has arbitrary filesystem read/write access
Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t...
Linux Distros Unpatched Vulnerability : CVE-2024-3035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allow...
Linux Distros Unpatched Vulnerability : CVE-2021-39212
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and...
Linux Distros Unpatched Vulnerability : CVE-2025-38480
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi INSN_READ and INSN_WRITE instructions on digital subdevices (subdevice types COMEDI_SUBD_DI,...
Linux Distros Unpatched Vulnerability : CVE-2020-5991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to...
Linux Distros Unpatched Vulnerability : CVE-2024-29943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affec...
Security update for tiff
This update for tiff fixes the following issues: Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELD_IGNORE (bsc#1243503). CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108). CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when processing...
Linux Distros Unpatched Vulnerability : CVE-2006-20001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. Thi...
Linux Distros Unpatched Vulnerability : CVE-2025-38110
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly...
Linux Distros Unpatched Vulnerability : CVE-2017-12154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02...
Linux Distros Unpatched Vulnerability : CVE-2025-4919
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability was fixed in Firefox...
TencentOS Server 2: httpd (TSSA-2025:0526)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0526 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2025-53964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GoldenDict 1.5.0 and 1.5.1 have an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for a...
Linux Distros Unpatched Vulnerability : CVE-2025-6554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium securit...
Linux Distros Unpatched Vulnerability : CVE-2025-37800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - driver core: fix potential NULL pointer dereference in dev_uevent() If userspace reads uevent device attribute at the same time as another thread unbinds the devi...
Linux Distros Unpatched Vulnerability : CVE-2019-9813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This...
CVE-2025-54638
Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availability of the ad service...
Linux Distros Unpatched Vulnerability : CVE-2025-37879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a...
SUSE CVE-2025-38480
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi INSN_READ and INSN_WRITE instructions on "digital" subdevices (subdevice types COMEDI_SUBD_DI, COMEDI_SUBD_DO, and COMEDI_SUBD_DIO), it is common for the subdevice drive...