133 matches found

Tenable Nessus
added 2025/12/25 12:0 a.m., 2 views

Photon OS 5.0: Linux PHSA-2025-5.0-0719

An update of the linux package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0719. The text itself is copyright (C) VMware, Inc...

AI score 6.7, EPSS 0.00199
Exploits 0, References 2

OSV
added 2025/12/22 10:2 a.m., 3 views

RHSA-2025:23739 Red Hat Security Advisory: mod_md security update

Bulletin has no description...

CVSS 7.5, AI score 6.9, EPSS 0.00402
Exploits 0, References 8

Tenable Nessus
added 2025/12/21 12:0 a.m., 2 views

Photon OS 5.0: Linux PHSA-2025-5.0-0717

An update of the linux package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0717. The text itself is copyright (C) VMware, Inc...

CVSS 7.8, AI score 7.6, EPSS 0.00231
Exploits 0, References 2

Github Security Blog
added 2025/12/17 10:50 p.m., 12 views

mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files

In mcp-server-git versions prior to 2025.12.18, the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values (e.g., --output=/path/to/file for git_diff) would be interpreted as command-line options rather than git refs,...

CVSS 7.1, AI score 7.3, EPSS 0.0728
Exploits 0, References 3, Affected Software 1

SUSE Linux
added 2025/12/15 11:24 a.m., 4 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.6.0 ESR (bsc#1254551). MFSA 2025-94 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics:...

CVSS 8.8, AI score 7.7, EPSS 0.00498
Exploits 2, References 22

UbuntuCve
added 2025/12/12 7:15 a.m., 2 views

CVE-2025-67726

Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The _parseparam function in httputil.py is used to parse specific HTTP header values, such as thos...

CVSS 7.5, AI score 6.7, EPSS 0.00371
Exploits 0, References 5

UbuntuCve
added 2025/12/10 4:16 p.m., 1 views

CVE-2025-65803

An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted PSD file...

CVSS 6.5, AI score 5.9, EPSS 0.00246
Exploits 1, References 3

UbuntuCve
added 2025/12/09 4:17 p.m., 1 views

CVE-2023-53851

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller. Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But the struct device...

AI score 5.8, EPSS 0.00184
Exploits 0, References 5

UbuntuCve
added 2025/12/09 4:17 p.m., 1 views

CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode(). syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

AI score 5.7, EPSS 0.00176
Exploits 0, References 4

UbuntuCve
added 2025/12/09 4:17 p.m., 1 views

CVE-2023-53847

In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media(). Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_transport+0x462/0x57f0...

AI score 6.1, EPSS 0.00201
Exploits 0, References 10

UbuntuCve
added 2025/12/09 1:16 a.m., 2 views

CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

CVSS 7.5, AI score 5.8, EPSS 0.00245
Exploits 0, References 3

UbuntuCve
added 2025/12/09 1:16 a.m., 1 views

CVE-2022-50644

In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe. pm_runtime_get_sync() will increment pm usage counter. Forgetting to putting operation will result in reference leak. Add missing pm_runtime_put_sync in some error paths...

AI score 5.9, EPSS 0.00199
Exploits 0, References 11

UbuntuCve
added 2025/12/08 12:0 a.m., 1 views

CVE-2022-50615

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map(). pci_get_device() will increase the reference count for the returned pci_dev, so snr_uncore_get_mc_dev() will return a pci_dev with its reference count increased. We need to...

AI score 5.9, EPSS 0.00168
Exploits 0, References 7

UbuntuCve
added 2025/12/08 12:0 a.m., 1 views

CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode(). As krealloc() may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc(), but 'state->fc_modified_inodes' already set NULL. Then will lead to...

AI score 5.8, EPSS 0.00168
Exploits 0, References 7

UbuntuCve
added 2025/12/08 12:0 a.m., 2 views

CVE-2023-53763

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly". syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type '__le32[923]' (aka 'unsigned int[923]') Ca...

AI score 5.7, EPSS 0.00156
Exploits 0, References 6

UbuntuCve
added 2025/12/08 12:0 a.m., 2 views

CVE-2023-53745

In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vector_config. If the return value of the uml_parse_vector_ifspec function is NULL, we should call kfree(params) to prevent memory leak...

AI score 5.9, EPSS 0.00173
Exploits 0, References 9

UbuntuCve
added 2025/12/08 12:0 a.m., 0 views

CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfio_ap device driver. The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfio_matrix_dev object in orde...

AI score 6.1, EPSS 0.00161
Exploits 0, References 8

Tenable Nessus
added 2025/11/20 12:0 a.m., 4 views

TencentOS Server 4: buildah (TSSA-2025:0275)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0275 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 8.6, AI score 7.1, EPSS 0.00346
Exploits 0, References 2

UbuntuCve
added 2025/11/12 10:15 p.m., 2 views

CVE-2025-40207

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try(). v4l2_subdev_call_state_try() macro allocates a subdev state with __v4l2_subdev_state_alloc(), but does not check the returned value. If __v4l2_subdev_state_alloc fails, it retur...

AI score 5.7, EPSS 0.00162
Exploits 0, References 22

OpenVAS
added 2025/11/12 12:0 a.m., 1 views

openSUSE Security Advisory (SUSE-SU-2025:4026-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 6.5, EPSS 0.6332
Exploits 1, References 4