280 matches found
SUSE CVE-2026-39819
The "go bug" command writes to two files with predictable names in the system temporary directory for example, "/tmp". An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink...
CVE-2026-43220
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait randomly gets timed out because cmdsemval was incremented outside the IOMMU spinlock, allowing...
CVE-2026-34601 vulnerabilities
Vulnerabilities for packages: arangodb, sqlpad, saf...
CVE-2026-23411
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting the reference to iprivate data on its end after removing the original entry from the file system. However the inode can aand does live beyond that...
ImageMagick: ImageMagick: Local File Disclosure via Path Traversal
A flaw was found in ImageMagick. ImageMagick's path security policy, which is designed to restrict access to certain file paths, is enforced on the raw filename string before the operating system resolves the full path. This allows an attacker to bypass security policies, such as those preventing...
CVE-2026-23235
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...
CVE-2025-24528
In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...
CVE-2025-40345 affecting package kernel for versions less than 6.6.119.3-1
CVE-2025-40345 affecting package kernel for versions less than 6.6.119.3-1. An upgraded version of the package is available that resolves this issue...
EUVD-2006-0360
Malware in sbrugna...
EUVD-2008-3167
Malware in sbrugna...
EUVD-1999-0263
Malware in sbrugna...
EUVD-2012-4089
Malware in sbrugna...
EUVD-2023-32834
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/ttm: Fix dummy res NULL ptr deref bug Check the bo-resource value before accessing the resource memtype. v2: Fix commit description unwrapped warning...
Linux Distros Unpatched Vulnerability : CVE-2025-37942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on...
CVE-2025-54574
Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access...
CVE-2025-38498
In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount2...
CVE-2025-49794 affecting package libxml2 for versions less than 2.11.5-6
CVE-2025-49794 affecting package libxml2 for versions less than 2.11.5-6. A patched version of the package is available...
Updated sudo packages fix security vulnerabilities
CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because...