ROS-20260529-73-0002

The vulnerability in opensearch relates to the use of a name with an incorrect link. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

Astra Linux - уязвимость в linux-astra-modules-5.10, linux-astra-modules-6.1, linux-astra-modules-5.15

The vulnerability of Linux Astra Modules’ kernel modules is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в libxml2

The vulnerability of the xmlStringGetNodeList function in the tree.c component of the Libxml2 library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause a service failure...

EUVD-2025-4890

Malicious code in bioql PyPI...

389-ds-base security update

2.6.1-8 - Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.6 2.6.1-7 - Bump version to 2.6.1-7 2.6.1-6 - Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI rhel-9.6.z - Resolves: RHEL-80713 - Increased memory consumption...

Citrix End User Experience Monitoring service fails to start on the VDA

Citrix End User Experience Monitoring service fails to start. When you try to start the service manually you get the error: service started and then stopped. CDF trace from the VDA shows the event: SemsController,NotMetricRelated Failed to start with exception: System.Security.SecurityException:...

CVE-2023-34406

An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG New Telematics Generation 6 head units. To perform this attack, local access to USB interface of the car is needed. With prepared data, an attacker can cause the...

protobuf, protobuf-python: Denial of Service

Background Google's Protocol Buffers are an extensible mechanism for serializing structured data. Description A vulnerability has been discovered in protobuf and protobuf-python. Please review the CVE identifiers referenced below for details. Impact A parsing vulnerability for the MessageSet type...

SUSE-FU-2023:3283-1 Feature update for cloud-init

This update for cloud-init fixes the following issues: - Default route is not configured bsc1212879 - cloud-final service failing in powerVS bsc1210273 - Randomly generated passwords logged in clear-text to world-readable file bsc1184758, CVE-2021-3429...

ROS-2-618

2.618 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1909

2.1909 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

CVE-2023-34162

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail...

Design/Logic Flaw

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail...

CVE-2023-34162

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS has a security vulnerability that originates from a version upgrade judgment vulnerability in the user profile module, which can be exploite...

ROS-2-1991

2.1991 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-546

2.546 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1405

2.1405 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1460

2.1460 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1541

2.1541 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...