CVE-2022-50165 wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...

CVE-2022-50165

CVE-2022-50165 affects the Linux kernel wifi/wil6210 debugfs, where a logic error in wil_write_file_wmi() stems from a commit that changed simple_write_to_buffer() to memdup_user() but did not adjust the return value, leaving rc uninitialized and returning rc. The fix is to return the length when...

USN-7574-1 golang-1.22 vulnerabilities

Kyle Seely discovered that the Go net/http module did not properly handle sensitive headers during repeated redirects. An attacker could possibly use this issue to obtain sensitive information. CVE-2024-45336 Juho Forsén discovered that the Go crypto/x509 module incorrectly handled IPv6 addresses...

PT-2025-26091 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an uninitialized variable use in the wil write file wmi function. A commit changed simple write to buffer to memdup user, but forgot to update the return value,...

Security Bulletin: Security Vulnerability in Apache Kafka Client Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2024-31141)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnearbility in Apache Kafka Client Vulnerability Details CVEID:CVE-2024-31141 DESCRIPTION: Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kaf...

TencentOS Server 4: helm (TSSA-2024:0616)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0616 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-4275 SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate

A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot...

CVE-2025-4275 SecureFlashDxe: Incorrect UEFI variable attributes check allows usage of invalid certificate

A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot...

CVE-2025-4275

CVE-2025-4275 affects InsydeH2O UEFI firmware/applications. Root cause: unsafe handling of an NVRAM variable used to store signing certificates, enabling a attacker to inject their own certificate and bypass Secure Boot. Impact: execution of unsigned or malicious UEFI code before OS load, potenti...

GO-2025-3745 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user in github.com/knadh/listmonk

listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user in github.com/knadh/listmonk. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

CVE-2025-4678 Remote Code Execution leads to Command Injection

Improper Neutralization of Special Elements in the chromiumpath variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105...

CVE-2025-4678

CVE-2025-4678 affects Pandora ITSM 5.0.105. The root cause is improper neutralization of special elements in the chromium_path variable, which may permit OS command injection. The CVSS data indicates network attack vector, high severity (7.0), with high privileges required and no user interaction...

Environment Variable Exposure

github.com/knadh/listmonk is vulnerable to Environment Variable Exposure. The vulnerability is due to the use of env and expandenv template functions in Sprig, which allows non-super-admin users to capture sensitive environment variables in multi-user installations...

PT-2025-24700 · Unknown · Pandora Itsm

Name of the Vulnerable Software and Affected Versions: Pandora ITSM version 5.0.105 Description: The issue is related to the improper neutralization of special elements in the chromium path variable, which may allow OS command injection. Recommendations: For Pandora ITSM version 5.0.105, consider...

A Vulnerability in UEFI Applications allows for secure boot bypass via misused NVRAM variable

Overview UEFI firmware applications DTBios and BiosFlashShell from DTResearch contain a vulnerability that allows Secure Boot to be bypassed using a specially crafted NVRAM variable. The vulnerability stems from improper handling of a runtime NVRAM variable that enables an arbitrary write...

A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable

Overview A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM variable, which is used as trusted storage for a digital certificate in the trust validation chain. An...

CVE-2025-49136 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-use...

CVE-2025-49136 listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-use...

GHSA-JC7G-X28F-3V3H listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user

Summary The env and expandenv template functions which is enabled by default in Sprig enables capturing of env variables on the host. While this may not be a problem on single-user super admin installations, on multi-user installations, this allows non-super-admin users with campaign or template...

CVE-2025-49013 WilderForge vulnerable to code Injection via GitHub Actions Workflows

WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of $ github.event.review.body and other user controlled variables directly inside shell script contexts in GitHub...