5 matches found
CVE-2025-39965 xfrm: xfrm_alloc_spi shouldn't use 0 as SPI
In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI. x->id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 ("xfrm: Duplicate SPI Handling"), we now create states and add them to the byspi list with this value. __xfrm_state_delete...
EUVD-2022-55511
Malicious code in bioql PyPI...
CVE-2022-50241 NFSD: fix use-after-free on source server when doing inter-server copy
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy. Use-after-free occurred when the laundromat tried to free expired cpntf_state entry on the s2s_cp_stateids list after inter-server copy completed. The sc_cp_list...
PT-2025-37495
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue existed in the Linux kernel's Network File System Daemon (NFSD) when handling inter-server copies. Specifically, the vulnerability occurred when the nfsd4 close op...
CVE-2025-54832 OPEXUS FOIAXpress Public Access Link (PAL) state and territory list unauthorized modification
OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories...