ROOT-OS-DEBIAN-11-CVE-2025-31344 CVE-2025-31344 in rootio-giflib - Patched by Root
Root has patched CVE-2025-31344 in the rootio-giflib package for Root:Debian:11. Multiple fixed versions available...
EUVD-2013-5168
Malware in sbrugna...
CVE-2025-8343
creationtimestamp | type | source
---|---|---
2025-07-31 03:07:13+00:00 | seen | https://bsky.app/profile/potato.software/post/3lva5s3lftf2n...
BELL-CVE-2025-38469
Bulletin has no description...
CVE-2025-38398
In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtd_nandbiterrs module for testing the driver occasionally results in weird things like below. 1. swiotlb mapping fails with the following message: 85.926216 qcom_snand...
CVE-2025-54314
Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...
CVE-2025-7783
Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3...
CVE-2025-53906
Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...
CVE-2025-49812
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...
CVE-2025-38286
In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fix possible out-of-boundary access at91_gpio_probe doesn't check that given OF alias is not available or something went wrong when trying to get it. This might have consequences when accessing gpio_chips array with...
CVE-2025-48384
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with ...
Fedora 41 : mingw-gdk-pixbuf (2025-be7e8114df)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-be7e8114df advisory. Backport fix for CVE-2025-6199. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2024-35164
The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be...
CVE-2025-53075
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal. This issue affects rLottie: V0.2...
Fedora 42 : crosswords-puzzle-sets-xword-dl (2025-2f7c693519)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-2f7c693519 advisory. Update to 0.4.8; Fixes: RHBZ2237964, RHBZ2282129 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2025-6516
A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to...
CVE-2022-49982
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvr_probe The error handling code in pvr2_hdw_create forgets to unregister the v4l2 device. When pvr2_hdw_create returns back to pvr2_context_create, it calls pvr2_context_destroy to destroy context, but...
CVE-2022-49981
In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 size 32: comm "softirq", pid 0, jiffies 4294945143 age 16.080s hex du...
CVE-2025-38019
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices The driver only offloads neighbors that are constructed on top of net devices registered by it or their uppers which are all Ethernet. The device supports GR...
CVE-2025-38073
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...