30379 matches found
DEBIAN-CVE-2025-39820
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpu_encoder_needs_modeset. The drm_atomic_get_new_connector_state() can return NULL if the connector is not part of the atomic state. Add a check to prevent a NULL pointer dereference. This follows the...
CLSA-2025-1758023679 ruby: Fix of CVE-2016-2339
CVE-2016-2339: fix heap overflow vulnerability in Fiddle::Function.new 'initialize' function...
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a...
ROOT-OS-DEBIAN-11-CVE-2025-5987 CVE-2025-5987 in rootio-libssh - Patched by Root
Root has patched CVE-2025-5987 in the rootio-libssh package for Root:Debian:11. Multiple fixed versions available...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-8194: Fixed tar archives with negative offsets leading to infinite loop and deadlock (bsc#1247249). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
CVE-2022-50332
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfb_disable() before removing PCI devices. Call sysfb_disable() from aperture_remove_conflicting_pci_devices() before removing PCI devices. Without, simpledrm can still bind to simple-framebuffer devices after the...
CVE-2022-50318
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox(). pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count. Since 'dev' is only used in...
CVE-2023-53223
The CVE-2023-53223 issue affects the Linux kernel component drm/msm/dsi where alloc_ordered_workqueue may return NULL. The vulnerability arises from a missing check of the return value, potentially leading to a NULL pointer dereference. A patch addressing this check has been published (Patchwork:...
CVE-2022-50280
In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source. The propagate_mnt() function handles mount propagation when creating mounts and propagates the source mount tree @source_mnt to all applicable nodes of the destination propagation mount tree headed...
PT-2025-39075
Name of the Vulnerable Software and Affected Versions: Flowise versions prior to 3.0.6. Description: Flowise is a drag-and-drop user interface for building customized large language model flows. A critical issue exists in the CustomMCP node, which allows users to input configuration settings for...
[slackware-security] patch
New patch packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/patch-2.8-i586-1_slack15.0.txz: Upgraded. We patched CVE-2018-1000156 seven years ago (arguably the most severe of these flaws), but several more CVEs...
OESA-2025-2286 netty security update
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
OESA-2025-2275 binutils security update
Binutils is a collection of binary utilities, including ar (for creating, modifying and extracting from archives), as (a family of GNU assemblers), gprof (for displaying call graph profile data), ld (the GNU linker), nm (for listing symbols from object files), objcopy (for copying and translating object...
CVE-2025-59054 dstack has insecure LUKS2 persistent storage partitions that may be opened and used
dstack is a software development kit (SDK) to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...
CLSA-2025-1757666519 xorg-x11-server: Fix of CVE-2025-49178
CVE-2025-49178: fix request handling flaw causing potential denial of service...
CLSA-2025-1757663366 git: Fix of CVE-2024-50349
CVE-2024-50349: fix ANSI escape sequence vulnerability that occurs when asking for credentials interactively...
SAMSUNG SMR Security Vulnerability
SAMSUNG SMR is a system patch package from the South Korean company Samsung (SAMSUNG). It provides patches for Samsung mobile applications. A security vulnerability exists in SAMSUNG SMR, which stems from the presence of an out-of-bounds write that could lead to the execution of arbitrary code...
CVE-2025-39762
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: add null check. [WHY] Prevents null pointer dereferences to enhance function robustness. [HOW] Adds early null check and return false if invalid...
CVE-2025-39750
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails. Currently, if any error occurs during ath12k_dp_rx_peer_tid_setup(), the tid value is already incremented, even though the corresponding TID is not actually allocated. Proceed to...
ROOT-OS-DEBIAN-12-CVE-2025-27613 CVE-2025-27613 in rootio-git - Patched by Root
Root has patched CVE-2025-27613 in the rootio-git package for Root:Debian:12. Multiple fixed versions available...