722 matches found

Positive Technologies
added 2025/08/29 12:0 a.m. | 3 views

PT-2025-37253

Name of the Vulnerable Software and Affected Versions: CUPS versions 2.4.12 and earlier
Description: CUPS (Common Unix Printing System) is an open-source printing system for Linux and Unix-like operating systems. Versions 2.4.12 and earlier are susceptible to a remote denial of service due to unsaf...

CVSS 9.8 | AI score 8 | EPSS 0.73062
Exploits 7 | References 71

Tenable Nessus
added 2025/08/29 12:0 a.m. | 7 views

Docker Desktop < 4.44.3 Container Escape

The version of Docker Desktop is prior to 4.44.3. It is therefore affected by a container escape vulnerability. The vulnerability allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with...

CVSS 9.3 | AI score 6 | EPSS 0.01594
Exploits 15 | References 3

SUSE CVE
added 2025/08/28 11:22 p.m. | 2 views

SUSE CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | AI score 6.9 | EPSS 0.00495
Exploits 0 | References 3

RedhatCVE
added 2025/08/28 9:41 p.m. | 2 views

CVE-2025-40779

A vulnerability was found in Kea. When an attacker who is an existing client with an assigned IP sends a crafted unicast packet directly to the server's IP and Kea cannot find any subnets that match that client's credentials, the server crashes causing a Denial of Service via assertion/NULL-path...

CVSS 7.5 | AI score 6.3 | EPSS 0.00495
Exploits 0 | References 4

OSV
added 2025/08/27 9:15 p.m. | 4 views

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | AI score 7 | EPSS 0.00495
Exploits 0 | References 2

NVD
added 2025/08/27 9:15 p.m. | 2 views

CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | EPSS 0.00495
Exploits 0 | References 2

OSV
added 2025/08/27 9:15 p.m. | 0 views

UBUNTU-CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | AI score 5.8 | EPSS 0.00495
Exploits 0 | References 5

Cvelist
added 2025/08/27 8:23 p.m. | 9 views

CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | EPSS 0.00495
Exploits 0 | References 1

Vulnrichment
added 2025/08/27 8:23 p.m. | 3 views

CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

CVSS 7.5 | AI score 6.3 | EPSS 0.00495
Exploits 0 | References 1

CVE
added 2025/08/27 8:23 p.m. | 37 views

CVE-2025-40779

CVE-2025-40779 affects Kea DHCP server: when a DHCPv4 client unicast request includes specific options and Kea cannot select a subnet, kea-dhcp4 aborts with an assertion. Affected versions are Kea 2.7.1–2.7.9, 3.0.0, and 3.1.0. Public advisories and Nessus plugins indicate fixes in Kea 3.0.1 (and...

CVSS 7.5 | AI score 7.1 | EPSS 0.00495
Exploits 0 | References 2

Tenable Nessus
added 2025/08/27 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2018-14663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record b...

CVSS 5.9 | AI score 6.3 | EPSS 0.02477
Exploits 0 | References 2

FreeBSD
added 2025/08/27 12:0 a.m. | 4 views

ISC KEA -- kea-dhcp4 aborts if client sends a broadcast request with particular options

Internet Systems Consortium, Inc. reports: We corrected an issue in kea-dhcp4 that caused the server to abort if a client sent a broadcast request with particular options, and Kea failed to find an appropriate subnet for that client. This addresses CVE-2025-40779 4055, 4048...

CVSS 7.5 | AI score 6.7 | EPSS 0.00495
Exploits 0

NVD
added 2025/08/26 2:15 p.m. | 2 views

CVE-2025-8424

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

CVSS 8.7 | EPSS 0.02723
Exploits 0 | References 1

ATTACKERKB
added 2025/08/26 1:11 p.m. | 1 views

CVE-2025-8424

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

CVSS 8.7 | AI score 6 | EPSS 0.02723
Exploits 0 | References 2 | Affected Software 2

Vulnrichment
added 2025/08/26 1:11 p.m. | 2 views

CVE-2025-8424 Improper access control on the NetScaler Management Interface

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

CVSS 8.7 | AI score 7 | EPSS 0.02723
Exploits 0 | References 1

CVE
added 2025/08/26 1:11 p.m. | 48 views

CVE-2025-8424

CVE-2025-8424 affects Citrix NetScaler ADC and NetScaler Gateway. The flaw is an improper access control on the NetScaler Management Interface, enabling an attacker who can reach the NSIP, Cluster Management IP, local GSLB Site IP, or SNIP with Management Access to exploit the device. The Citrix ...

CVSS 8.7 | AI score 6 | EPSS 0.02723
Exploits 0 | References 1

Tenable Nessus
added 2025/08/25 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2016-7069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to ad...

CVSS 7.5 | AI score 6.6 | EPSS 0.04541
Exploits 0 | References 2

Tenable Nessus
added 2025/08/21 12:0 a.m. | 2 views

TencentOS Server 3: unbound (TSSA-2025:0694)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0694 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 8.7 | AI score 6.5 | EPSS 0.0019
Exploits 0 | References 2

Tenable Nessus
added 2025/08/21 12:0 a.m. | 4 views

TencentOS Server 4: unbound (TSSA-2025:0659)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0659 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 8.7 | AI score 6.5 | EPSS 0.0019
Exploits 0 | References 2

NVD
added 2025/08/20 2:15 p.m. | 16 views

CVE-2025-9074

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without th...

CVSS 9.3 | EPSS 0.01594
Exploits 15 | References 7