Linux Distros Unpatched Vulnerability : CVE-2021-47217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid...

Spring gRPC 0.4.0 for great good!

NB : you can find the working code for this blog here There's a new release of the amazing—if experimental—Spring gRPC project: version 0.4.0. I won't get into the nitty-gritty of all that's new, but I just wanted to highlight how elated I am to use it and walk you through the step-by-step path t...

CVE-2025-25609

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticipv6 parameter in the formIpv6Setup interface of /bin/boa...

Malicious code in pydefender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a1e2cc2d94eff74e302118c35c34f87e76175fe507facbe21c29883960c8223e setup.py is prepared to download and run an obfuscated batch script. While the script is not detected by any AV currently, in the sandbox analysis it reveals...

Exploit for Cross-site Scripting in Humansignal Label_Studio

CVE-2025-25296 Proof of Concept POC Description This pr...

SUSE CVE-2024-57981

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

SUSE CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...

PT-2025-9131

Name of the Vulnerable Software and Affected Versions: TOTOlink A3002R version V1.1.1-B20200824.0128 Description: The issue arises from a buffer overflow due to improper input validation of the pppoe dns1 parameter in the formIpv6Setup interface of the /bin/boa endpoint. Recommendations: For...

CVE-2025-25610

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticgw parameter in the formIpv6Setup interface of /bin/boa...

CVE-2025-25609

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticipv6 parameter in the formIpv6Setup interface of /bin/boa...

CVE-2025-25610

CVE-2025-25610 affects the TOTOLINK A3002R router (version V1.1.1-B20200824.0128). The flaw stems from improper input validation of the static_gw parameter in the formIpv6Setup interface of /bin/boa, leading to a buffer overflow. Public sources indicate potential for arbitrary code execution or d...

CVE-2025-25609

The CVE-2025-25609 entry concerns TOTOLINK A3002R firmware V1.1.1-B20200824.0128. The root cause is a buffer overflow in the /bin/boa component caused by improper input validation of the static_ipv6 parameter in the formIpv6Setup interface. Public documentation in CNVD/Red Hat/EUVD/CIRCL referenc...

The vulnerability of the Setup Files Cleanup component of the Windows operating system, which allows a hacker to exploit their privileges

The vulnerability of the Setup Files Cleanup component of the Windows operating system is related to errors in handling symbolic links. Exploiting this vulnerability can allow an attacker to increase their privileges...

SUSE CVE-2022-49395

In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in...

SUSE CVE-2022-49412

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge and set bic-stablemergebfqq and the moment bfqsetupmerge is called. This...

SUSE CVE-2022-49492

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvmeallocadmintags In nvmeallocadmintags, the adminq can be set to an error typically -ENOMEM if the blkmqinitqueue call fails to set up the queue, which is checked immediately after th...

SUSE CVE-2022-49549

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

SUSE CVE-2022-49725

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in dmesg sometimes leading to panic. When there was some time, around 5 seconds, between reset and test there were no errors. Problem w...

AZL-57982 CVE-2025-21723 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...

DEBIAN-CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...