9577 matches found
Security update for python311
This update for python311 fixes the following issues: Security issues fixed: CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 CVE-2024-4032: Fixed incorrect IPv4 and IP...
SUSE-SU-2025:02089-1 Security update for python311
This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 - CVE-2024-4032: Fixed incorrect IPv4...
emacs security update
1:27.2-14.el96.2 - Restore definition of variable 'enable-dir-local-variables' RHEL-92653 1:27.2-14.el96.1 - Bump Z-stream release 1:27.2-14 - Fix arbitrary code execution via Lisp macro expansion RHEL-69399 1:27.2-13 - Bump release 1:27.2-12 - Eliminate use of obsolete patch syntax RHEL-80443...
freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files
A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...
CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z series network devices, known as Teleworker Gateway, allows a intruder to cause a service failure.
The vulnerability of the Cisco AnyConnect VPN server of the microsoftware for Cisco Meraki MX and Cisco Meraki Z series Teleworker Gateways is related to the use of an uninitialized variable during the establishment of an SSL VPN session. Exploiting this vulnerability can allow a malicious actor ...
Moderate: open-vm-tools security update
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools:A malicious actor with non-administrative...
SUSE CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
CVE-2025-20271
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition in the Cisco AnyConnect service on an affected device. This vulnerability is due to...
CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
DEBIAN-CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
UBUNTU-CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
CVE-2022-50221 drm/fb-helper: Fix out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...
CVE-2022-50221
CVE-2022-50221 : In the Linux kernel, the drm/fb-helper deferred I/O damage handling could compute an clipping range that allowed an out-of-bounds access when the fbdev screen buffer ended near the start of a page. The patch clamps the maximum memory range to the screen buffer size and also renam...
CVE-2022-50165 wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
CVE-2022-50165
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
CVE-2022-50165 wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...
CVE-2022-50165
CVE-2022-50165 affects the Linux kernel wifi/wil6210 debugfs, where a logic error in wil_write_file_wmi() stems from a commit that changed simple_write_to_buffer() to memdup_user() but did not adjust the return value, leaving rc uninitialized and returning rc. The fix is to return the length when...
USN-7574-1 golang-1.22 vulnerabilities
Kyle Seely discovered that the Go net/http module did not properly handle sensitive headers during repeated redirects. An attacker could possibly use this issue to obtain sensitive information. CVE-2024-45336 Juho Forsén discovered that the Go crypto/x509 module incorrectly handled IPv6 addresses...
PT-2025-26091 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an uninitialized variable use in the wil write file wmi function. A commit changed simple write to buffer to memdup user, but forgot to update the return value,...