12609 matches found

EUVD
added 2025/12/16 6:31 p.m. | 3 views

EUVD-2025-203792

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...

CVSS 6.3 | AI score 6.2 | EPSS 0.01912
Exploits: 0 | References: 8

OSV
added 2025/12/16 4:16 p.m. | 8 views

AZL-72631 CVE-2025-68288 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...

AI score 6 | EPSS 0.00173
Exploits: 0 | References: 1

CVE
added 2025/12/16 3:06 p.m. | 12 views

CVE-2025-68288

CVE-2025-68288 affects the Linux kernel USB storage path (SCSI generic /dev/sg) where a memory leak occurs in the bulk transport path when a data phase is skipped. The issue arises when the host extracts/validates the Command Status Wrapper (CSW) from the sg buffer but fails to clear it, leaving ...

AI score 5.6 | EPSS 0.00173
Exploits: 0 | References: 7

OSV
added 2025/12/16 2:15 p.m. | 9 views

AZL-72509 CVE-2025-68206 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes, due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

AI score 5.8 | EPSS 0.00173
Exploits: 0 | References: 1

OSV
added 2025/12/16 2:15 p.m. | 5 views

UBUNTU-CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes, due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

AI score 5.9 | EPSS 0.00173
Exploits: 0 | References: 24

OSV
added 2025/12/16 1:57 p.m. | 4 views

CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access

In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker - fix potential out-of-bounds access. In the pegasus_notetaker driver, the pegasus_probe function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint descriptor. An attacker ca...

AI score 6.6 | EPSS 0.00184
Exploits: 0 | References: 11

ATTACKERKB
added 2025/12/16 1:48 p.m. | 5 views

CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes, due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

AI score 5.6 | EPSS 0.00173
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2025/12/16 1:48 p.m. | 26 views

CVE-2025-68206

In CVE-2025-68206, the Linux kernel netfilter nft_ct subsystem is fixed by adding a seqadj extension for natted connections. The issue affected FTP traffic (PASV/EPSV modes) where NAT rewrites of FTP control payloads could require adjustments to TCP length and the expected seq/ack_seq, breaking o...

AI score 6.1 | EPSS 0.00173
Exploits: 0 | References: 7

OSV
added 2025/12/16 1:48 p.m. | 2 views

CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes, due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

AI score 6.4 | EPSS 0.00173
Exploits: 0 | References: 8

Positive Technologies
added 2025/12/16 12:00 a.m. | 9 views

PT-2025-51572

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue within the SPI subsystem, specifically in the rockchip-sfc driver. The problem stems from the incorrect usage of DMA-API, where virt_to_phys was used t...

CVSS 7.1 | AI score 5.5 | EPSS 0.00335
Exploits: 1 | References: 392

Tenable Nessus
added 2025/12/16 12:00 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-68194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - media: imon: make send_packet more robust. syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock. 1. First...

AI score 5.6 | EPSS 0.00177
Exploits: 0 | References: 3

CNNVD
added 2025/12/16 12:00 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of sequence adjustment support, which could result in an interrupted FTP connection...

AI score 6.2 | EPSS 0.00173
Exploits: 0 | References: 2

CNNVD
added 2025/12/16 12:00 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of transfer failures, which could lead to performance degradation...

AI score 6.1 | EPSS 0.00161
Exploits: 0 | References: 5

Positive Technologies
added 2025/12/16 12:00 a.m. | 8 views

PT-2025-51692

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A kernel memory leak exists in USB storage devices when they incorrectly skip the data phase with status data. The code validates the CSW from the sg buffer but fails to clear it,...

AI score 6.7 | EPSS 0.00173
Exploits: 0

Redos
added 2025/12/16 12:00 a.m. | 2 views

ROS-20251216-7307

A vulnerability in the FTP Client component of the Apache Commons Net library is related to the use of open redirection with insufficient input data validation during PASV response processing. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected...

CVSS 6.5 | AI score 7 | EPSS 0.01858
Exploits: 0

RedhatCVE
added 2025/12/15 1:25 p.m. | 7 views

CVE-2025-36747

A set of credentials for an FTP server was found within the ShineLan-X firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...

CVSS 9.4 | AI score 6.8 | EPSS 0.00285
Exploits: 0 | References: 1

The Hacker News
added 2025/12/15 9:24 a.m. | 10 views

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primari...

AI score 7.1
Exploits: 0

RedhatCVE
added 2025/12/15 8:03 a.m. | 9 views

CVE-2025-55184

A flaw was found in React Server Components. This vulnerability allows a denial of service via unsafe deserialization of payloads from HTTP requests to Server Function endpoints. A malicious HTTP request can be crafted and sent to any App Router endpoint that, when...

CVSS 7.5 | AI score 6.5 | EPSS 0.65592
Exploits: 10 | References: 5

CNNVD
added 2025/12/15 12:00 a.m. | 4 views

Xlight FTP Server security vulnerability

Xlight FTP Server is an FTP server software from Xlight open source. A security vulnerability exists in Xlight FTP Server version 3.9.3.6, which stems from a stack buffer overflow in the Execute Program configuration that could cause the application to crash...

CVSS 7.5 | AI score 7.1 | EPSS 0.00365
Exploits: 1 | References: 4

RedhatCVE
added 2025/12/13 8:02 p.m. | 3 views

CVE-2024-58299

PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access...

CVSS 9.8 | AI score 8.2 | EPSS 0.00712
Exploits: 0 | References: 1