Photon OS 4.0: Libpng PHSA-2025-4.0-0917

An update of the libpng package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0917. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Linux PHSA-2025-5.0-0662

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0662. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2025-4.0-0884

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2023-53686 net/handshake: fix null-ptr-deref in handshake_nl_done_doit()

In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...

SUSE CVE-2022-50466

In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: Fix memory leak in loadelfbinary There is a memory leak reported by kmemleak: unreferenced object 0xffff88817104ef80 size 224: comm "xfsadmin", pid 47165, jiffies 4298708825 age 1333.476s hex dump first 32 bytes: 00...

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in BufferedReader.readLine, which does not count null bytes when calculating the acceptable size of an input stream. An attacker can cause the application to crash by creating a large...

OTFCC 缓冲区错误漏洞

OTFCC is a C library and utility program from Caryll Open Source. It is used to parse and write OpenType font files. A security vulnerability exists in OTFCC version 0.10.4, which stems from a heap buffer overflow in the /release-x64/otfccdump+0x6c0bc3 file...

UVI-2021-1001580 drm/nouveau/debugfs: fix file release memory leak

drm/nouveau/debugfs: fix file release memory leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.153 by commit...

Fedora 29 : systemd (2018-c402eea18b)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1639076 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1639071 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1639067 - The DHCP...

PT-2018-8863 · Debian +1 · Apt +1

Name of the Vulnerable Software and Affected Versions: Advanced Package Tool APT versions 1.6.x through 1.6.3 Advanced Package Tool APT versions 1.7.x through 1.7.0alpha2 Description: The issue concerns the mirror:// method implementation in APT, which mishandles gpg signature verification for th...

CVE-2011-3152

DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade...