12429 matches found
MAL-2025-191185 Malicious code in @alexcolls/nuxt-socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dee0cebdac319dea5d5f8c78c0d15431297789499f8e486729175fffb7c4f91 The package @alexcolls/nuxt-socket.io was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199514
Malicious code in @alexcolls/nuxt-socket.io npm...
EUVD-2025-198708
NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...
EUVD-2025-198707
Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...
kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...
CLSA-2025-1763734783 kernel: Fix of 64 CVEs
media: bttv: fix use after free error due to btv-timeout timer CVE-2023-52847 - firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...
CVE-2025-62875
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...
CVE-2025-62875
OpenSMTPD contains an improper check for unusual or exceptional conditions that allows a local user to crash the daemon (local DoS) via a UNIX domain socket (smtpd.sock). Affected product: OpenSMTPD on openSUSE Tumbleweed, affected versions are prior to 7.8.0p0-1.1. Root cause is an insufficient ...
CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...
CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...
TencentOS Server 3: mod_http2 (TSSA-2022:0259)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0259 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 4: kernel (TSSA-2025:0430)
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0430 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...
TencentOS Server 3: nodejs-nodemon (TSSA-2022:0261)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0261 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: virt:rhel and virt-devel:rhel (TSSA-2022:0119)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0119 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
kernel: net: usb: smsc75xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56605)
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate btsockalloc allocates the sk object and attaches it to the provided sock object. On error l2capsockalloc frees the sk object, but the dangling pointer is still attached to the sock object, which may create use-after-fr...
kernel: vsock/virtio: Validate length in packet header before skb_put()
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...
ALSA-2025:21397 Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 For more details about the security issues, including...
CVE-2025-64726
Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...
net: usb: lan78xx: Limit packet length to skb->len
...