105 matches found
PT-2026-8073
Name of the Vulnerable Software and Affected Versions midi-Synth plugin for WordPress versions up to and including 1.1.0 Description The midi-Synth plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type and file extension validation within the 'export' AJAX...
MiracleLinux 8 : unbound-1.7.3-15.el8 (AXSA:2021-2060:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2060:02 advisory. unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 unbound: integer overflow in sldnsstr2wirednamebuforigin can le...
ROS-20260114-7325
A vulnerability in the sound/core/seq/oss/seqosssynth.c module of the Linux operating system kernel is related to synchronization errors when using a shared resource "Race Situation" when processing SysEx messages. Exploitation of the vulnerability could allow an attacker to cause a denial of...
CVE-2025-56225
fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993037 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993058)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993058 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if...
Linux Distros Unpatched Vulnerability : CVE-2025-68617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS fi...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990787)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990787 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990803)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990803 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf...
SUSE CVE-2022-50553
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...
CVE-2022-50553
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...
CVE-2022-50553 tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...
CVE-2022-50553
CVE-2022-50553 : In the Linux kernel tracing hist code, an out-of-bounds write occurs in action_data.var_ref_idx when synthesizing events with many params (n_params up to SYNTH_FIELDS_MAX) and a smaller TRACING_MAP_VARS_MAX caused writes beyond the array. The issue is fixed by enlarging data->...
EUVD-2025-32782
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...
EUVD-2025-12979
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only fre...
Linux Distros Unpatched Vulnerability : CVE-2020-27830
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Linux Kernel where in the spkttyioreceivebuf2 function, it would dereference spkttyiosynth without checking whether it is NULL or...
SUSE CVE-2022-49799
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if setsyntheventprintfmt failed, then both traceremoveeventcall and unregistertraceevent will be called, which means the traceeventcall will call...
SUSE CVE-2022-49800
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf in fail path, hence buf will leak when there is no failure. Add kfreebuf to prevent the memleak. The same reason and solution in...
CVE-2022-49799
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if setsyntheventprintfmt failed, then both traceremoveeventcall and unregistertraceevent will be called, which means the traceeventcall will call...