GHSA-R3RC-9HPW-54V9 SwiftNIO: Out-of-bounds write via ByteBuffer index and length UInt32 overflow

Summary A program using swift-nio is vulnerable to a potential out-of-bounds write when attacker-controlled index or length values exceeding UInt32.max are passed to some ByteBuffer methods. This affects all swift-nio versions from 1.0.0 to 2.99.0. It is fixed in 2.100.0 and later releases. Detai...

CVE-2026-48065

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to ndevices, a count derived from libxml2 XPath evaluation of the config file, without first enforcing an upper bound. On 32-bit targets armv7l, i686 --...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the sgtable leak that occurs during mapping failures. In a rare case where iopopulateareadma fails—which can only occur on a PAGEPOOL32BITARCHWITH64BITDMA machine—iozcrxmaparea will have an initialized but...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapDecode This patch fixes unnecessary implicit conversions that change the signedness of bloblen and nummon in cephmonmapDecode. Currently, bloblen and nummon are signed int...

PT-2026-39748

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

CLSA-2026-1777046565 ImageMagick: Fix of 5 CVEs

CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

CVE-2026-23118

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following: BUG: KCSAN: data-race in rxrpcpeerkeepaliveworker / rxrpcsenddatapacket which is reporting an issue with the reads and writes to -lasttxat in:...

CVE-2026-23118

The CVE-2026-23118 entry concerns a Linux kernel rxrpc data-race: rxrpc_peer_keepalive_worker and rxrpc_send_data_packet access peer->last_tx_at without synchronization, and the 64-bit last_tx_at risking 32-bit tearing. The fix changes last_tx_at to unsigned int and stores only the least-signi...

UBUNTU-CVE-2025-71109

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...

CVE-2025-71109 MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...

CVE-2025-71109

CVE-2025-71109 covers a Linux kernel issue in MIPS ftrace involving memory corruption when the kernel is located beyond 32 bits. The root cause is the UASM_i_LA_mostly macro (and now UASM_i_LA) generating more than two instructions, while ftrace code stores only an int[2], risking overflow that c...

A Critical Analysis of the Medibank Health Data Breach and Differential Privacy Solutions

This paper critically examines the 2022 Medibank health insurance data breach, which exposed sensitive medical records of 9.7 million individuals due to unencrypted storage, centralized access, and the absence of privacy-preserving analytics. To address these vulnerabilities, we propose an...

HTTPS Fetch, Linux Reboot

Fetch and execute an RISC-V 32-bit payload from an HTTPS server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/https/riscv32le/reboot msf...

CVE-2025-62086

The CVE-2025-62086 entry corresponds to a WordPress plugin issue: Яндекс Доставка (Boxberry) for WordPress, vulnerable to Missing Authorization/Broken Access Control in versions up to 2.32 (some sources list fixes up to 2.34). Root cause is misconfigured access control allowing unauthorized acces...

USN-7910-2: Linux kernel (Azure) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

SUSE CVE-2025-39973

In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ringlen param The ringlen parameter provided by the virtual function VF is assigned directly to the hardware memory context HMC without any validation. To address this, introduce an upper boundary check f...

Fedora 41 : kubernetes1.32 (2025-8f9b0ca4c7)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-8f9b0ca4c7 advisory. - Update to release v1.32.7 - Resolves: rhbz2388412 - Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - Upstream fixes Tenab...

Linux Distros Unpatched Vulnerability : CVE-2022-32981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER aka PEEKUSR a...