795 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-21634
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump:...
Linux Distros Unpatched Vulnerability : CVE-2024-53128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce...
Linux Distros Unpatched Vulnerability : CVE-2024-41041
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCKRCUFREE earlier in udplibgetport. syzkaller triggered the warning 0 in...
Linux Distros Unpatched Vulnerability : CVE-2021-47638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ubifs: renamewhiteout: Fix double free for whiteoutui-data 'whiteoutui-data' will be freed...
Linux Distros Unpatched Vulnerability : CVE-2022-48758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This...
Linux Distros Unpatched Vulnerability : CVE-2022-48633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/gma500: Fix WARNONlock-magic != lock error psbgemunpin calls dmaresvlock but the underlying wwmutex gets destroyed by drmgemobjectrelease move the...
Linux Distros Unpatched Vulnerability : CVE-2021-3682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a...
Linux Distros Unpatched Vulnerability : CVE-2024-26679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the...
Linux Distros Unpatched Vulnerability : CVE-2024-41068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/sclp: Fix sclpinit cleanup on failure If sclpinit fails it only partially cleans up: if there are multiple failing calls to sclpinit sclpstatechangeevent...
acmailer vulnerable to cross-site scripting
Overview acmailer provided by Extra Innovation Inc. contains a cross-site scripting vulnerability CWE-79. This vulnerability was reported to IPA, and JPCERT/CC started coordination with the developer in 2023. The developer released the fixed version on 2023. The coordination between JPCERT/CC and...
MAL-2025-1253 Malicious code in nebulagl-h3-hexagon-editing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbf7cb7b134f7a3699367939a1d01f6863a30cbc599d8973b3c57509cd51c9b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-57965
In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...
GHSA-RH4J-5RHW-HR54 vllm: Malicious model to RCE by torch.load in hf_model_weights_iterator
Description The vllm/modelexecutor/weightutils.py implements hfmodelweightsiterator to load the model checkpoint, which is downloaded from huggingface. It use torch.load function and weightsonly parameter is default value False. There is a security warning on...
CVE-2024-56571
...
SUSE: Security Advisory (SUSE-SU-2024:4414-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MAL-2024-12011 Malicious code in nimiq-rewards-calculator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d950995f06dd02bfab4e652ede8b9806d3cdd50d46d63c8f03da915e20a25da2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10956 Malicious code in config-sdk-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e981c5877747825868f3fa52c139feb2dc49785d34e735556a425dcaf00c2802 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-50177
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursorwidth is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as...
serve-static affected by template injection that can lead to XSS
...
CVE-2023-3441
An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches...