CVE-2025-41739

CVE-2025-41739 affects the CODESYS Control runtime system (Linux and QNX). The issue is a race-condition in the system’s communication servers that allows an unauthenticated, remote attacker to trigger an out-of-bounds read via crafted socket communication, potentially leading to a denial of serv...

CVE-2025-41739 CODESYS Control - Linux/QNX SysSocket flaw

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service...

CVE-2025-41739 CODESYS Control - Linux/QNX SysSocket flaw

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

PT-2025-48434

An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service...

ROS-20251201-02

A vulnerability in the vfsinode.c component of the Linux kernel is related to the use of an uninitialized resource. of an uninitialized resource. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the llcpsock.c component of the Lin...

PT-2025-52889

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.7 Description The Linux kernel contains a flaw in the VXLAN implementation where a NULL pointer dereference can occur in the vxlan xmit one function. This happens because the sock4 and sock6 pointers are not...

MAL-2025-191185 Malicious code in @alexcolls/nuxt-socket.io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dee0cebdac319dea5d5f8c78c0d15431297789499f8e486729175fffb7c4f91 The package @alexcolls/nuxt-socket.io was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199514

Malicious code in @alexcolls/nuxt-socket.io npm...

EUVD-2025-198708

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

EUVD-2025-198707

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

CLSA-2025-1763734783 kernel: Fix of 64 CVEs

media: bttv: fix use after free error due to btv-timeout timer CVE-2023-52847 - firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...

CVE-2025-62875

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...

CVE-2025-62875

OpenSMTPD contains an improper check for unusual or exceptional conditions that allows a local user to crash the daemon (local DoS) via a UNIX domain socket (smtpd.sock). Affected product: OpenSMTPD on openSUSE Tumbleweed, affected versions are prior to 7.8.0p0-1.1. Root cause is an insufficient ...

CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...

CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...

TencentOS Server 4: kernel (TSSA-2025:0430)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0430 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...

TencentOS Server 3: mod_http2 (TSSA-2022:0259)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0259 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...