EUVD-2026-32243

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle would result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

[BSA-134] Security Update for jq

ChangZhuo Chen uploaded new packages for jq which fixed the following security problems: CVE-2026-32316 jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions, where concatenating strings...

Astra Linux - уязвимость в yaml-cpp

The SingleDocParser::HandleNode function in yaml-cpp also known as LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

CVE-2026-30987

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in CIccTagNum::GetValues causing stack memory corruption or crash. This vulnerability is fixed in 2.3.1.5...

CVE-2025-48023

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

Yokogawa Electric Vnet/IP Interface 安全漏洞

Yokogawa Electric Vnet/IP Interface is a real-time control network interface developed by Yokogawa Electric Corporation. Versions of Yokogawa Electric Vnet/IP Interface prior to R1.07.00 contained a security vulnerability. This vulnerability stemmed from the handling of malicious data packets,...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the lookuphandlecname function when processing an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name are identical. An attacker can cause a crash and exhaust the...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2022-48522)

In Perl 5.34.0, function Sfinduninitvar in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2021-8414

Malicious code in bioql PyPI...

EUVD-2022-37704

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-20395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to pars...

Linux Distros Unpatched Vulnerability : CVE-2021-44504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a size variable, stored as an...

PT-2025-31140 · Undefined · Undefined

@CVEnew Interesting find! @BenjaminUs15, have you seen this CVE-2025-38493338498493 timerlat dump stack crash in the Linux kernel? Looks like a nasty one for tracing/osnoise users. Kernel panics are no joke...

PT-2025-35969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where stack top may crash for tasks lacking an ABI or vDSO. This occurs because the code attempts to dereference a NULL ABI pointer when called by tasks,...

CVE-2022-49776 macvlan: enforce a consistent minimal mtu

In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior which could lead to crashes in ipv6 stack if the link is brought up $ ip link add...

CVE-2022-49776 macvlan: enforce a consistent minimal mtu

In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior which could lead to crashes in ipv6 stack if the link is brought up $ ip link add...

DEBIAN-CVE-2024-41042

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection because a cycle will result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

OESA-2023-1564 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development.Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: In Perl 5.34.0, function Sfinduninitvar i...