Linux Distros Unpatched Vulnerability : CVE-2020-7676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping elements in...

Linux Distros Unpatched Vulnerability : CVE-2024-35796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: lltemac: platformgetresource replaced by wrong function The function platformgetresourc...

CVE-2025-48500

A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. Note: Software versions which have reached End of Technical Support...

BIT-LIBPHP-2022-31629 $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

Linux Distros Unpatched Vulnerability : CVE-2022-50195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM: dts: qcom: replace gcc PXO with pxoboard fixed clock Replace gcc PXO phandle to pxoboard fixed clock declared in the dts. gcc driver doesn't provide PXOSRC...

CVE-2025-50675

GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory,...

The vulnerability of the Permissions control element in the Google Chrome browser allows a hacker to replace the user interface.

The vulnerability of the Permissions control element in Google Chrome is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to replace the user interface...

Exploit for CVE-2025-50675

CVE-2025-50675 – Insecure Permissions in GPMAW 14.2 Summar...

PT-2025-32499 · Linksys · Linksys Ea6500 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 versions up to 20250801 Description: A vulnerability exists in Linksys RE Series devices. The algDisable function within the /goform/setOpMode file is susceptible to a stack-based...

RLSA-2025:7416 Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of...

GO-2025-3799 LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement in github.com/lf-edge/ekuiper

LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement in github.com/lf-edge/ekuiper...

CVE-2025-38388

CVE-2025-38388 concerns the Linux kernel’s ARM Firmware Framework for ARMv8-A (FFA). The issue stems from using a mutex to protect the notifier hashtable accesses, which could sleep in atomic context and trigger warnings like “sleeping function called from invalid context.” Connected documents co...

CVE-2025-38388 firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...

CVE-2025-38388 firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...

PT-2025-30788

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained an issue where a mutex was used to protect the notifier hashtable accesses, potentially leading to sleeping within an atomic context. This resulted in kernel...

The vulnerability of the web interface of the cross-platform FTP server CrushFTP allows a hacker to execute arbitrary code with elevated privileges.

The vulnerability of the cross-platform FTP server CrushFTP lies in the use of an unprotected alternative channel. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges by replacing the administrative user with the default user...

pcs security update

0.10.18-2.0.1.6 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.6 - Fixed CVE-2024-49761 by updating rubygem rexml Resolves: RHEL-98708...

[SECURITY] Fedora 42 Update: luajit-2.1.1748459687-2.fc42

LuaJIT implements the full set of language features defined by Lua 5.1. The virtual machine VM is API- and ABI-compatible to the standard Lua interpreter and can be deployed as a drop-in replacement...

[SECURITY] Fedora 41 Update: rust-procs-0.14.10-2.fc41

A modern replacement for ps...

CVE-2025-38295 perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create()

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smpprocessorid with rawsmpprocessorid in mesonddrpmucreate The Amlogic DDR PMU driver mesonddrpmucreate function incorrectly uses smpprocessorid, which assumes disabled preemption. This leads to kernel...