PT-2025-54095

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a potential memory leak within the m920x i2c xfer function. Specifically, memory associated with read may be freed incorrectly when it is NUL...

Fetch 安全漏洞

Fetch is an FTP file transfer client from Fetch USA. A security vulnerability exists in Fetch version 5.8.2, which stems from consuming 100% CPU while processing an extremely long server response, which may result in a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992590 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102i2ctransfer In dw2102i2ctransfer, msg is controlled by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992415 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over...

PT-2025-54243

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains a conditional command injection issue. Local authenticated users can create malicious files in the /tmp directory. Unauthenticated attackers can execute...

PT-2025-54004

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s xiic xfer function related to runtime power management. Specifically, a runtime PM reference is not always released when the function exits due to an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992631 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102i2ctransfer In dw2102i2ctransfer, msg is controlled by...

PT-2025-54246

Name of the Vulnerable Software and Affected Versions Fetch FTP Client version 5.8.2 Description The Fetch FTP Client is subject to a denial of service condition. Attackers can exploit this by sending long server responses, specifically those exceeding 2K bytes, which leads to 100% CPU consumptio...

Security Bulletin: Vulnerability in SSH servers which implement file transfer protocols affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in SSH servers which implement file transfer protocols has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to...

curl: WebSocket Logic Error: Control Frame (PING/PONG) Starvation causes Connection Drop (DoS) during large transfers

Summary: I have discovered a logic flaw in lib/ws.c regarding the handling of WebSocket Control Frames PING/PONG. According to RFC 6455, Control Frames should be processed as soon as possible, even in the middle of fragmented data frames, to maintain connection state Keep-Alive. However, libcurl...

Exploit for CVE-2025-9074

CVE-2025-9074 Docker Container Command Execution Tool A power...

Linux Distros Unpatched Vulnerability : CVE-2023-54159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu transfer irq, it will unlock @mtu-lock before give back request, if another thread...

SUSE CVE-2022-50717

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmettcphandleh2cdatapdu, add a bounds check to avoid out-of-bounds access...

SUSE CVE-2022-50774

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIGDMAAPIDEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function adddmaentry reports a warning similar to the one below, saying that...

SUSE CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

SUSE CVE-2023-54159

In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu transfer irq, it will unlock @mtu-lock before give back request, if another thread handle disconnect event at the same time, and try to disable ep, it m...

SUSE CVE-2025-68352

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

SUSE CVE-2025-68359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of qgroup record after failure to add delayed ref head In the previous code it was possible to incur into a double kfree scenario when calling adddelayedrefhead. This could happen if the record was reported...

CVE-2019-25251

Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...

EUVD-2023-60286

In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu transfer irq, it will unlock @mtu-lock before give back request, if another thread handle disconnect event at the same time, and try to disable ep, it m...