209 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-2977

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 6.3 | EPSS 0.00235
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-24811

Malicious code in bioql PyPI...

CVSS 3.1 | AI score 6.1 | EPSS 0.0015
Exploits: 0 | References: 1

OSV
added 2025/09/30 12:7 a.m. | 3 views

OSV-2025-796 Heap-buffer-overflow in AddGreenToBlueAndRed_AVX2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=447958064 Crash type: Heap-buffer-overflow WRITE Crash state: AddGreenToBlueAndRedAVX2 VP8LInverseTransform ProcessRows...

AI score 7
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/02 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A crafted input file could cause a null pointer dereference in jcopysamplerows when processed by libjpeg-turbo. CVE-2020-35538 Note that Nessus relies on the...

CVSS 5.5 | AI score 6.5 | EPSS 0.00026
Exploits: 0 | References: 2

OSV
added 2025/09/01 6:20 p.m. | 2 views

MGASA-2025-0221 Updated golang packages fix vulnerabilities

LookPath may return unexpected paths, CVE-2025-47906. incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt...

CVSS 7 | AI score 7.1 | EPSS 0.00073
Exploits: 1 | References: 3

Mageia
added 2025/09/01 6:20 p.m. | 4 views

Updated golang packages fix vulnerabilities

LookPath may return unexpected paths, CVE-2025-47906. incorrect results returned from Rows.Scan, CVE-2025-47907. These packages fix the issues for the compiler only; applications using the functions still need to be rebuilt...

CVSS 7 | AI score 7.1 | EPSS 0.00073
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/19 12:0 a.m. | 3 views

SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02837-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02837-1 advisory. Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

CVSS 8.6 | AI score 7.3 | EPSS 0.00073
Exploits: 1 | References: 11

OSV
added 2025/08/18 8:35 a.m. | 3 views

SUSE-SU-2025:02837-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH...

CVSS 8.6 | AI score 7.1 | EPSS 0.00073
Exploits: 1 | References: 8

RedHat Linux
added 2025/08/18 12:53 a.m. | 2 views

database/sql: Postgres Scan Race Condition

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6.2 | EPSS 0.00073
Exploits: 0 | References: 8

Tenable Nessus
added 2025/08/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-42966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00322
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-10978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires...

CVSS 4.2 | AI score 6.3 | EPSS 0.00613
Exploits: 0 | References: 2

OSV
added 2025/08/14 12:14 a.m. | 3 views

OSV-2025-627 Null-dereference READ in ProcessRows

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438295348 Crash type: Null-dereference READ Crash state: ProcessRows DecodeImageData VP8LDecodeImage...

AI score 7.2
Exploits: 0 | References: 1

OSV
added 2025/08/12 12:8 p.m. | 0 views

SUSE-SU-2025:02760-1 Security update for go1.24

This update for go1.24 fixes the following issues: - Update to go1.24.6: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go73800 runtime: RSS seems to have increased in Go 1.24 while the runtime...

CVSS 7 | AI score 6.9 | EPSS 0.00073
Exploits: 1 | References: 6

OSV
added 2025/08/12 12:6 p.m. | 0 views

SUSE-SU-2025:02759-1 Security update for go1.23

This update for go1.23 fixes the following issues: - Update to go1.23.12: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go74415 runtime: use-after-free of allpSnapshot in findRunnable go74693 runtime...

CVSS 7 | AI score 6.8 | EPSS 0.00073
Exploits: 1 | References: 6

OSV
added 2025/08/10 11:42 p.m. | 3 views

BIT-GOLANG-2025-47907 Incorrect results returned from Rows.Scan in database/sql

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 7 | EPSS 0.00073
Exploits: 0 | References: 6

RedhatCVE
added 2025/08/09 3:26 p.m. | 4 views

CVE-2025-47907

A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...

CVSS 7 | AI score 6.4 | EPSS 0.00073
Exploits: 0 | References: 7

SUSE CVE
added 2025/08/07 11:22 p.m. | 2 views

SUSE CVE-2025-47907

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 5.7 | AI score 6.8 | EPSS 0.00073
Exploits: 0 | References: 18

OSV
added 2025/08/07 4:15 p.m. | 1 view

DEBIAN-CVE-2025-47907

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.5 | EPSS 0.00073
Exploits: 0 | References: 1

OSV
added 2025/08/07 4:15 p.m. | 4 views

AZL-66138 CVE-2025-47907 affecting package golang for versions less than 1.22.7-5

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.8 | EPSS 0.00073
Exploits: 0 | References: 1

OSV
added 2025/08/07 4:15 p.m. | 2 views

AZL-66153 CVE-2025-47907 affecting package golang for versions less than 1.24.6-1

Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...

CVSS 7 | AI score 6.8 | EPSS 0.00073
Exploits: 0 | References: 1