Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista USA. A security vulnerability exists in Arista EOS that stems from the fact that specially crafted packets with incorrect VLAN tags may be copied to the CPU, which may result in incorrect control...

Arista NG Firewall 安全漏洞

Arista NG Firewall is a WEB firewall from Arista USA. A security vulnerability exists in Arista NG Firewall that originates from an ETM access timeout unit that may find an expired and unusable administrator authentication token...

OPENSUSE-SU-2025:0003-1 Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795 test: fix TestHashKVWhenCompacting: ensure all goroutine finished print error log when creating peer listener failed mvcc: Printing etcd backend database related...

USN-7185-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...

Three Russian-German Nationals Charged with Espionage for Russian Secret Service

German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of working for a foreign secret service. Dieter S. is also alleged to have participated in sabotage...

PT-2026-8126

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to IOMMU and stale IOTLB entries within the kernel address space. The issue involves the need to invalidate IOTLB paging cache entries before...

PT-2025-30754

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's DRM/MSM/GPU subsystem that can lead to a crash when throttling the GPU immediately during boot. This occurs when the GPU is already hot during boot an...

PT-2026-7116

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw exists in GnuTLS that can lead to a denial of service DoS. This occurs due to excessive CPU and memory consumption when processing maliciously crafted certificates. These certificates...

PT-2025-30853

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the bnxt en module of the Linux kernel related to DMA unmapping when transmitting XDP REDIRECT packets. Specifically, the dma unmap len set function was called with an...

PT-2024-37065 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically related to the GFX9 hardware support. The issue concerned the cleaner shader, where an omission in the previous patc...

UBUNTU-CVE-2024-56706

In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creation and is protected by a pair of mutexlock and mutexunlock. After reservation of the PMU hardware the...

PT-2024-37017 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory allocation issue has been resolved in the Linux kernel. The problem occurs in the s390/cpum sf module, where the memory allocation for Sample Data Blocks SDBs is not properly...

Security update for vhostmd

This update for vhostmd fixes the following issues: Updated to version 1.2 Fix actions using the 'free' command Fix buffer accounting when generating metric XML Change actions to retrieve vendor and product info Add a 'unit' attribute to the metrics element vif-stats.py: convert to Python3 conf:...

USN-7171-1: PHPUnit vulnerability

It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this issue to achive remote code execution or obtain sensitive information...

OESA-2024-2550 linux-firmware security update

This package contains firmware images required by some devices. Security Fixes: IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to enhance their privileges and execute arbitrary code.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

Siemens SICAM A8000 CP-8031 and CP-8050 Firmware Decryption Vulnerability

The SICAM A8000 RTU Remote Terminal Unit is a modular device for remote control and automation applications in all areas of energy supply. A firmware decryption vulnerability exists in the Siemens SICAM A8000 CP-8031 and CP-8050 due to the fact that the affected devices contain a secure element...

The vulnerabilities of the iommu/vt-d components of the Linux operating system’s kernel, which allow a hacker to cause a service failure

The vulnerability of the iommu/vt-d components in the Linux operating system’s kernel is related to the lack of memory release after the effective lifespan of these components has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

@_unit/unit (>=1.0.44 <=1.0.58), @abtnode/blocklet-services (>=1.16.33 <=1.17.12-beta-20260420-061403-d7b5c4e6) +703 more potentially affected by CVE-2024-52798 via path-to-regexp (>=0.0.2 <=0.1.11)

path-to-regexp NPM version =0.0.2, =1.0.44, =1.16.33, =1.16.33, =16.7.2, =1.0.1, =1.11.282, =1.1.55, =0.1.5-alpha.0, =1.13.0, =1.13.0, =0.25.10, =1.0.31, =1.0.32 and more Source cves: CVE-2024-52798 Source advisory: OSV:GHSA-RHX6-C78J-4Q9W...

CVE-2023-48010

STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets...