27 matches found
EUVD-2019-11332
Malware in sbrugna...
EUVD-2019-3809
Malware in sbrugna...
EUVD-2018-13603
Malware in sbrugna...
EUVD-2021-21764
Malware in sbrugna...
EUVD-2019-17311
Malware in sbrugna...
EUVD-2021-33964
Malicious code in bioql PyPI...
EUVD-2022-24440
Malicious code in bioql PyPI...
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1598)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...
AIX : Multiple Vulnerabilities (IJ54873)
The version of AIX installed on the remote host is prior to APAR IJ54873. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54873 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...
CVE-2025-37777
CVE-2025-37777: In the Linux kernel ksmbd path, a use-after-free could occur in __smb2_lease_break_noti() when the connection is disconnected, because ksmbd_conn_write may touch freed structures if conn->ksmbd_transport is already freed. The fix moves the tcp_transport free to ksmbd_conn_free,...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-097 (ALASKERNEL-5.4-2025-097)
The version of kernel installed on the remote host is prior to 5.4.291-206.400. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-097 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is no...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-53206)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53206 advisory. - In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in...
Advisory ROSA-SA-2025-2731
Software: PackageKit 1.1.12 OS: ROSA Virtualization 3.0 packageevrstring: PackageKit-1.1.12-7.0.1.rv30 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...
CVE-2022-49622 netfilter: nf_tables: avoid skb access on nf_stolen
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid skb access on nfstolen When verdict is NFSTOLEN, the skb might have been freed. When tracing is enabled, this can result in a use-after-free: 1. access to skb-nftrace 2. access to skb-mark 3. computatio...
CVE-2025-26601
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...
CVE-2024-57801 net/mlx5e: Skip restore TC rules for vport rep without loaded flag
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Skip restore TC rules for vport rep without loaded flag During driver unload, unregisternetdev is called after unloading vport rep. So, the mlx5ereppriv is already freed while trying to get rpriv-netdev, or walk...
PT-2024-23621 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-641-2-g1529b83 Description: An issue was discovered in Bento4, leading to a Denial of Service DoS. The issue is a heap-use-after-free in AP4 UnknownAtom::AP4 UnknownAtom at Ap4Atom.cpp, as demonstrated by mp42ts...
Moderate: Red Hat Security Advisory: tcpdump security update
An update for tcpdump is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Google Chrome Security Update (stable-channel-update-for-desktop_20-2021-07) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
PT-2023-33092 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue concerns a use-after-free in the ip6 fragment function, potentially leading to security vulnerabilities. The actual impact and attack plausibility have not yet been proven...