CVE-2022-50779

The CVE-2022-50779 issue affects the Linux kernel’s orangefs integration. The vulnerability is a memory leak in the orangefs_prepare_debugfs_help_string() path: when the orangefs module is inserted and removed, the debug_help_string is leaked from kmemleak. The root cause is failure to consistent...

httpd security update

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

SUSE CVE-2025-10543

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unreleased string after a failed bindipitoirqhandler in xeninitlockcpu, which could lead to a memory leak...

PT-2025-53145

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified within the orangefs module in the Linux kernel, specifically in the orangefs prepare debugfs help string function. This leak occurs during the insertion and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unfreed string allocated in the orangefspreparedebugfshelpstring function, which could lead to a memory...

CVE-2025-14928 Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

EUVD-2023-60228

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

Oracle Linux 10 : httpd (ELSA-2025-23932)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23932 advisory. - Resolves: RHEL-135052 - httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 - Resolves: RHEL-135035 -...

CVE-2023-53966

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

CVE-2023-53966

CVE-2023-53966 affects SOUND4 LinkAndShare Transmitter 1.1.2. It describes a format string vulnerability in getenv() usage where the attacker can manipulate the username environment variable to trigger memory stack overflows, potentially enabling arbitrary code execution and causing a crash. This...

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

SUSE-SU-2025:4504-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. - CVE-2025-14087: buffer underflow in the GVariant parser...

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

PT-2025-52703

Name of the Vulnerable Software and Affected Versions SOUND4 LinkAndShare Transmitter version 1.1.2 Description SOUND4 LinkAndShare Transmitter version 1.1.2 contains a format string vulnerability. This allows attackers to trigger memory stack overflows through maliciously crafted environment...

SOUND4 LinkAndShare Transmitter 格式化字符串错误漏洞

SOUND4 LinkAndShare Transmitter is a remote control communication component from SOUND4 France. A Formatting String Error vulnerability exists in SOUND4 LinkAndShare Transmitter version 1.1.2, which stems from a Formatting String vulnerability that could lead to a memory stack overflow...

EUVD-2025-204670

A vulnerability has been found in Tenda FH1201 1.2.0.14408. Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

SUSE SLES16 Security Update : ImageMagick (SUSE-SU-2025:21211-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. -...