
70 matches found

GitHub Security Blog
added 2026/04/09 5:34 p.m., 4 views

OpenClaw: resolvedAuth closure becomes stale after config reload

Impact: resolvedAuth closure becomes stale after config reload. After a config reload, newly accepted gateway connections could continue using stale resolved auth state. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenClaw trust model and does not assume a...

CVSS 5.4, AI score 5.9, EPSS 0.00088
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2025/10/07 3:19 p.m., 3 views

CVE-2023-53628 drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs. The gfx.cp_ecc_error_irq is retired in gfx11. In gfx_v11_0_hw_fini still use amdgpu_irq_put to disable this interrupt, which caused the call trace in this function. 102.873958 Call Trace:...

CVSS 5.5, AI score 6.7, EPSS 0.0002
Exploits: 0, References: 5

OSV
added 2025/09/05 6:15 p.m., 1 view

DEBIAN-CVE-2025-38732

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject: don't leak dst refcount for loopback packets. recent patches to add a WARN when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 inlin...

CVSS 5.5, AI score 5.4, EPSS 0.00025
Exploits: 0, References: 1

OSV
added 2025/08/08 11:16 a.m., 1 view

OESA-2025-1977 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this iss...

CVSS 7.8, AI score 6, EPSS 0.00061
Exploits: 0, References: 2

OpenVAS
added 2024/06/05 12:0 a.m., 24 views

openSUSE Security Advisory (SUSE-SU-2024:1793-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 3.7, AI score 6.4, EPSS 0.00669
Exploits: 0, References: 8

OSV
added 2021/08/25 2:43 p.m., 0 views

GHSA-C5X2-P679-95WC Null pointer dereference in `SparseTensorSliceDataset`

Impact: When a user does not supply arguments that determine a valid sparse tensor, the `tf.raw_ops.SparseTensorSliceDataset` implementation can be made to dereference a null pointer: python import tensorflow as tf tf.raw_ops.SparseTensorSliceDataset indices=,,, values=1,2,3, dense_shape=3,3 The...

CVSS 7.7, AI score 5.9, EPSS 0.00044
Exploits: 0, References: 7

OSV
added 2021/05/14 8:15 p.m., 0 views

PYSEC-2021-178

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the...

CVSS 5.5, AI score 6.1, EPSS 0.00009
Exploits: 1, References: 2

OSV
added 2021/03/17 10:15 a.m., 1 view

AZL-6899 CVE-2020-17525 affecting package subversion for versions less than 1.14.0-4

Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in...

CVSS 7.5, AI score 7.2, EPSS 0.14805
Exploits: 1, References: 1

PyPA
added 2020/10/26 6:15 p.m., 4 views

PYSEC-2020-61

In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "file_loader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...

CVSS 9.3, AI score 6.9, EPSS 0.00356
Exploits: 1, References: 5, Affected Software: 1

RedHat Linux
added 2020/09/29 7:59 p.m., 123 views

Moderate: Red Hat Security Advisory: e2fsprogs security and bug fix update

An update for e2fsprogs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 7.5, AI score 6.6, EPSS 0.00378
Exploits: 2, References: 7

OpenVAS
added 2019/12/12 12:0 a.m., 46 views

CentOS Update for nss-softokn CESA-2019:4152 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 8.8, AI score 9.2, EPSS 0.00939
Exploits: 0, References: 2

Patchstack
added 2019/07/31 12:0 a.m., 7 views

WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability

Unauthenticated WP Options Update vulnerability found in WordPress ND Shortcodes For Visual Composer plugin versions <= 5.8. Solution: Update the WordPress ND Shortcodes For Visual Composer plugin to the latest available version (at least 5.9.1)...

AI score 2.9
Exploits: 0, References: 1, Affected Software: 1

RedHat Linux
added 2019/06/04 2:6 p.m., 81 views

Important: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 5.5, AI score 6.6, EPSS 0.00141
Exploits: 1, References: 5

FreeBSD
added 2019/03/13 12:0 a.m., 90 views

python 3.7 -- multiple vulnerabilities

Python changelog: bpo-37463: ssl.match_hostname no longer accepts IPv4 addresses with additional text after the address and only quad-dotted notation without trailing whitespaces. Some inet_aton implementations ignore whitespace and all data after whitespace, e.g. '127.0.0.1 whatever'. bpo-35907:...

CVSS 9.1, AI score 0.8, EPSS 0.0991
Exploits: 2, References: 1

Prion
added 2018/01/11 9:29 p.m., 19 views

Design/Logic Flaw

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...

CVSS 5, AI score 7.2, EPSS 0.01011
Exploits: 0, References: 7, Affected Software: 2

OpenVAS
added 2017/11/30 12:0 a.m., 74 views

RedHat Update for apr RHSA-2017:3270-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.1, AI score 7.4, EPSS 0.0025
Exploits: 0, References: 2

OpenVAS
added 2017/02/23 12:0 a.m., 53 views

CentOS Update for kernel CESA-2017:0293 centos6

Check the version of kernel. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_oid("1.3.6.1.4.1.25623.1.0.882665");...

CVSS 7.8, AI score 6.5, EPSS 0.20044
Exploits: 13, References: 2

OpenVAS
added 2016/09/23 12:0 a.m., 20 views

CentOS Update for firefox CESA-2016:1912 centos5

Check the version of firefox. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_oid("1.3.6.1.4.1.25623.1.0.882559");...

CVSS 9.8, AI score 6.8, EPSS 0.04132
Exploits: 0, References: 2

Mageia
added 2015/04/30 9:57 p.m., 22 views

Updated quassel packages fix CVE-2015-3427

Updated quassel packages fix security vulnerability: Quassel is vulnerable to SQL injection through its use of Qt's postgres driver. If the PostgreSQL server is restarted or the connection is lost at any point, other IRC users may be able to trick the Quassel core into executing SQL queries upon...

CVSS 7.5, AI score 7.4, EPSS 0.00439
Exploits: 0, References: 2

ALT Linux
added 2013/11/06 12:0 a.m., 22 views

Security fix for the ALT Linux 8 package libvirt version 1.1.4-alt1

Nov. 6, 2013 Alexey Shabalin 1.1.4-alt1 - 1.1.4 - fixed CVE-2013-4400, CVE-2013-4401...

CVSS 8.5, AI score 7.1, EPSS 0.01463
Exploits: 0