Centrifugo's InsecureSkipTokenSignatureVerify flag silently disables JWT verification with no warning
Summary: Centrifugo supports a configuration flag insecure_skip_token_signature_verify that completely disables JWT signature verification. When enabled, Centrifugo accepts any JWT token regardless of signature validity — including tokens signed with wrong keys, random signatures, or no signature at...
EUVD-2022-55123
In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out}. When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that even slots in the tsk->kmap_ctrl.pteval are unmapped. The slots are initialized with 0 value, but the check is done wi...
EUVD-2024-53428
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-38528
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers. `static const char fmt[] = "%p%"; bpf_trace_printk(fmt, sizeof(fmt));` The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...
CVE-2022-49081
In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out}. When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that even slots in the tsk->kmap_ctrl.pteval are unmapped. The slots are initialized with 0 value, but the check is done wi...
CVE-2022-49081 highmem: fix checks in __kmap_local_sched_{in,out}
In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out}. When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that even slots in the tsk->kmap_ctrl.pteval are unmapped. The slots are initialized with 0 value, but the check is done wi...
CVE-2022-49081
Summary (CVE-2022-49081): Linux kernel vulnerability in highmem handling (__kmap_local_sched_in/out). When CONFIG_DEBUG_KMAP_LOCAL is enabled, checks on tsk->kmap_ctrl.pteval could misinterpret zeroed slots as unmapped, triggering runtime warnings. The root cause is comparing to pte_none for ...
Unspecified vulnerability in Linux kernel (CNVD-2025-01702)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect configuration of the PCIe port node in the DTS file for the MIPS architecture Loongson64, which...
PT-2025-8009 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.0-rc7. Description: A vulnerability in the Linux kernel has been identified, which can cause runtime warnings when CONFIG_DEBUG_KMAP_LOCAL is enabled. The issue arises from the __kmap_local_sched_{in,out}...