CVE-2026-50083

The CVE-2026-50083 entry concerns the Aqara IAM/SSO Gateway (gw-builder.aqara.com) using a hardcoded OAuth client credential (CWE-798). This weak credential could enable a fully unauthenticated, remote takeover when combined with CVE-2026-50082, CVE-50084, and CVE-50085. Documented CVSSv3.1 base ...

EUVD-2013-0414

Malware in sbrugna...

CVE-2025-37848

The CVE-2025-37848 fix applies to the Linux kernel accel/ivpu MS IOCTLs path. It resolves a PM-related deadlock where runtime resume/suspend can be blocked while MS IOCTLs are in progress; a failed suspend would trigger ivpu_ms_cleanup() which attempts to acquire file_priv->ms_lock that is alr...

CVE-2025-37848

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix PM related deadlocks in MS IOCTLs Prevent runtime resume/suspend while MS IOCTLs are in progress. Failed suspend will call ivpumscleanup that would try to acquire filepriv-mslock, which is already held by the IOCT...

Amazon Linux 2 : php, --advisory ALAS2PHP8.2-2025-006 (ALASPHP8.2-2025-006)

The version of php installed on the remote host is prior to 8.2.27-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2025-006 advisory. The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system,...

Fedora 37 : grub2 (2022-dec4cdacd7)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-dec4cdacd7 advisory. Two font-related CVE updates CVE-2022-2601 and CVE-2022-3775. For more information, see upstream's disclosure or the patches themselves. Tenable has...

buildah security update

1.37.2-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.37.2-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.2 - Related: RHEL-27608 2:1.37.1-1 - update to https://github.com/containers/buildah/releases/tag/v1.37.1 - Related: RHEL-276...

ROS-20241002-05

A vulnerability in the PWM PWM device driver of the Linux kernel operating system is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow An intruder can affect confidentiality, integrity and availability of protected information Vulnerability o...

postgresql security update

13.16-1.0.1 - Remove non ASCII character from changelog date 13.16-1 - Update to 13.16 13.14-2 - Remove /var/run/postgresql - Related: RHEL-25756 13.14-1 - Update to 13.14 - Fix CVE-2024-0985 13.13-1 - Update to 13.13 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, and CVE-2023-39417 -...

runc security update

4:1.1.9-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.9 - Related: 2176063 4:1.1.8-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.1.8 - Related: 2176063 4:1.1.7-2 - rebuild for following CVEs: CVE-2021-43784 CVE-2022-41724 CVE-2023-28642 - Resolves:...

PT-2023-35720 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a global buffer overflow read. The crash state involves functions such as xmlStrndup, htmlParseSystemLiteral, a...

CVE-2022-35352

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

Virtuozzo Hybrid Infrastructure 4.5 Update 1 Hotfix 1 (4.5.1-31)

This update provides stability fixes for the Backup Gateway, block storage, storage and compute services. Vulnerability id: VSTOR-41817, VSTOR-41874 Fixes for Gnocchi-related issues after an HA event. Vulnerability id: VSTOR-42372, VSTOR-42297, VSTOR-42009, VSTOR-41982, VSTOR-41706, VSTOR-40814...

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS...

Important kernel security update: New kernel 2.6.32-042stab139.1; Virtuozzo 6.0 Update 12 Hotfix 43 (6.0.12-3743)

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo 6.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS vulnerability patches. Vulnerability id: CVE-2019-38...

Adobe Patches 13 Code Execution Vulnerabilities in Flash

Adobe patched 13 code execution vulnerabilities in Flash Player today as part of its regular patch update cycle. All of the flaws were rated the highest severity for Windows, macOS and Chrome. Adobe said that Flash version 24.0.0.194 and earlier are vulnerable and that users should update...

FreeBSD : magento -- multiple vulnerabilities (ea1d2530-72ce-11e5-a2a1-002590263bf5)

Magento, Inc. reports : SUPEE-6482 - This patch addresses two issues related to APIs and two cross-site scripting risks. SUPEE-6285 - This patch provides protection against several types of security-related issues, including information leaks, request forgeries, and cross-site scripting. SUPEE-59...

How to use Windows Management Instrumentation (WMI) Tester [WBEMTest] to Test WMI Connectivity

Purpose This article documents how to use Windows Management Instrumentation WMI Tester WBEMTest to test connectivity, which can assist in troubleshooting and isolating WMI-related issues with Veeam products. Solution Opening Windows Management Instrumentation WMI Tester 1. Open a Run prompt Win+...

visibility: visible undoes visibility: hidden

If you set an element to display: none the browser ignores all of its children, if a child sets itself to display: block it will remain hidden. This isn't true of visibility. Serious? Serious. html.show-only-the-button visibility: hidden; html.show-only-the-button .the-button visibility: visible;...

Fedora 17 : lighttpd-1.4.31-1.fc17 (2012-9040)

This update fixes CVE-2011-4362 by updating to the latest release. It also fixes problems that had been reported with previous releases, such as ssl-related crashes on startup. This update fixes some minor SSL related problems, as well as a connection stall bug. This update fixes some minor SSL...