Linux Distros Unpatched Vulnerability : CVE-2026-46175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written...

UBUNTU-CVE-2026-46175

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...

CVE-2026-46175

Summary of CVE-2026-46175 (f2fs FGGC issue) : In the Linux kernel’s f2fs filesystem, Foreground Garbage Collection (FGGC) of node blocks could leave the fsync and dentry marks uncleared, causing fsck to misinterpret migrated data as fsync-written. The root cause is that the marks were not cleared...

ext4: verify orphan file size is not too big

...

EUVD-2020-12611

Malware in sbrugna...

EUVD-2023-2163

Malicious code in bioql PyPI...

EUVD-2022-6645

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-38712

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

AZL-66866 CVE-2025-38712 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...

OPENSUSE-SU-2025:0008-1 Security update for python-django-ckeditor

This update for python-django-ckeditor fixes the following issues: - Update to 6.7.2 Deprecated the package. Added a new ckeditor/fixups.js script which disables the version check again if something slips through by accident and which disables the behavior where CKEditor 4 would automatically...

AZL-51011 CVE-2024-47690 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fsevictinode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704...

MAL-2024-9186 Malicious code in sp-api-app-cdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13c1afd5646e2a56f333e462e72e1410090f84341d7c0c542598ef4a3061a180 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

CVE-2024-37642

TRENDnet TEW-814DAP v1FW1.01B01 was discovered to contain a command injection vulnerability via the ipv4ping, ipv6ping parameter at /formSystemCheck...

PT-2024-27695 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version 1 FW1.01B01 Description: A command injection issue was discovered, affecting the ipv4 ping and ipv6 ping parameters at the /formSystemCheck API endpoint. This allows for potential command injection attacks...

TRENDnet TEW-814DAP Security Vulnerability

The TRENDnet TEW-814DAP is a wireless access point from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-814DAP version v1FW1.01B01, which originates from a command injection vulnerability contained in the ipv4ping, ipv6ping parameters at /formSystemCheck...

TRENDnet TEW-822DRE Security Vulnerability

The TRENDnet TEW-822DRE is a dual-band wireless router from TRENDnet. A security vulnerability exists in the TRENDnet TEW-822DRE version v.1.03B02, which originates from a vulnerability that allows a local attacker to execute arbitrary code via the parameter ipv4ping in /boafrm/formSystemCheck...

How to run a file system check XenServer root file system

This article describes how to run a File System check, the file system on XenServer Host in case where the file system is corrupted and need to be checked. To check and repair a file system in XenServer you can use the fsck command. Requirements XenServer Installation CD...

Design/Logic Flaw

A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the Jenkins controller file system...

Exploit for Out-of-bounds Write in Fortinet Fortios

CVE-2022-42475-RCE-POC Vulnerability Name CVE-2022-4247...