30 matches found
CVE-2021-28667
StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data from an action or rule name...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ffmpeg-4 (SUSE-SU-2025:3715-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3715-1 advisory. - CVE-2025-59728: allocated space for the appended '/' bsc1251137 Tenable has extracted the...
EUVD-2017-2647
Malware in sbrugna...
EUVD-2010-3996
Malware in sbrugna...
EUVD-2020-19082
Malware in sbrugna...
EUVD-2019-13656
Malware in sbrugna...
EUVD-2023-34128
Malicious code in bioql PyPI...
EUVD-2021-2857
Malicious code in bioql PyPI...
Security advisory: Recently reported incomplete cleanup issue in Qt's Schannel handling can impact Qt
There is an "Incomplete Cleanup" problem in Qt’s Schannel handling when it is used to provide a server handling incoming TLS connections. This has been assigned the CVE id CVE-2025-6338. Affected versions: This issue affects only the Schannel functionality on Windows if it is turned on in Qt 5.15...
CVE-2025-37936
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBS_ENABLE value...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21687)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21687 advisory. - In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of...
CVE-2025-32952
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files...
CVE-2024-13925
CVE-2024-13925 : Klarna Checkout for WooCommerce (WordPress) before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood log files by posting data at the maximum POST parameter size, causing rapid disk-space exhaustion. Affected: Klarna Checkout for WooComm...
CVE-2025-21910
CVE-2025-21910 affects the Linux kernel (wifi: cfg80211: regulatory) where invalid user regulatory hints could pass through via regulatory_hint_user() into user_alpha2[]. The root cause involves isalpha() handling non-Latin symbols and a subsequent toupper() mutation that bypassed a prior check. ...
Linux Distros Unpatched Vulnerability : CVE-2022-49236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to...
Linux Distros Unpatched Vulnerability : CVE-2012-2417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key...
CVE-2025-0426
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...
CVE-2025-21650 net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs 1024-1279 are in different BAR space addresses. However, hclge_fetch_pf_reg does not...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49959)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49959 advisory. - In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when...
Authentication flaw
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identity for access to government, medical, and financial resources, and can also extract personal data from...