88 matches found

CNNVD
added 2026/03/26 12:0 a.m., 4 views

Foreman Security Vulnerability

Foreman is a set of open-source tools developed by Foreman for lifecycle management in both physical and virtual servers. This tool provides functions such as service activation, configuration management, and reporting status. There is a security vulnerability in Foreman, which stems from command...

CVSS 8, AI score 7.5, EPSS 0.00039
Exploits: 0, References: 4

NVD
added 2025/12/08 2:15 a.m., 1 view

CVE-2023-53747

In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write to avoid UAF. After a call to console_unlock in vcs_write the vc_data struct can be freed by vc_port_destruct. Because of that, the struct vc_data pointer must be reloaded in th...

EPSS 0.0004
Exploits: 0, References: 8

Tenable Nessus
added 2025/12/08 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2023-53747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vc_screen: reload load of struct vc_data pointer in vcs_write to avoid UAF. After a call to console_unlock in vcs_write the vc_data struct can be freed by...

AI score 6.1, EPSS 0.0004
Exploits: 0, References: 3

RedhatCVE
added 2025/12/05 9:34 p.m., 5 views

CVE-2025-66238

DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...

CVSS 7.4, AI score 6.8, EPSS 0.00052
Exploits: 0, References: 1

NVD
added 2025/12/04 10:15 p.m., 1 view

CVE-2025-66238

DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...

CVSS 7.4, EPSS 0.00052
Exploits: 0, References: 2

CVE
added 2025/12/04 9:10 p.m., 5 views

CVE-2025-66238

CVE-2025-66238 affects Sunbird DCIM dcTrack. An authenticated user with access to the appliance’s virtual console can misuse remote access features to redirect network traffic, potentially accessing restricted services or data on the host. The Red Hat/NVD/CISA entries corroborate a high-severity ...

CVSS 7.4, AI score 6.5, EPSS 0.00052
Exploits: 0, References: 2

Positive Technologies
added 2025/12/04 12:0 a.m., 2 views

PT-2025-49148

Name of the Vulnerable Software and Affected Versions: DCIM dcTrack (affected versions not specified). Description: An authenticated user with access to the appliance's virtual console could misuse certain remote access features to redirect network traffic. This could potentially allow access to...

CVSS 7.4, AI score 6.3, EPSS 0.00052
Exploits: 0, References: 5

Tenable Nessus
added 2025/11/20 12:0 a.m., 2 views

TencentOS Server 3: flatpak (TSSA-2023:0295)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0295 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 10, AI score 7.1, EPSS 0.00698
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2010-2657

Malware in sbrugna...

CVSS 6.9, AI score 6.4, EPSS 0.00031
Exploits: 2, References: 17

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2023-31825

Malicious code in bioql PyPI...

CVSS 10, AI score 7.7, EPSS 0.00698
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2023-23767

Malicious code in bioql PyPI...

CVSS 10, AI score 8.9, EPSS 0.00207
Exploits: 1, References: 4

RedhatCVE
added 2025/09/18 7:4 p.m., 2 views

CVE-2022-50404

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font failed. syzbot is reporting memory leak at fbcon_do_set_font [1], for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vc_resize failed" missed that the buffer might be new...

CVSS 7, AI score 6, EPSS 0.00019
Exploits: 0, References: 4

Tenable Nessus
added 2025/08/15 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-19252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a. CVE-2019-19252 Not...

CVSS 7.8, AI score 6.6, EPSS 0.00064
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/07 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vgacon: Add check for vc_origin address range in vgacon_scroll. Our in-house Syzkaller reported the following BUG twice, which we believed was the same issue with ...

AI score 6.3
Exploits: 0, References: 3

SUSE CVE
added 2025/03/28 3:38 a.m., 2 views

SUSE CVE-2023-52973

In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read to avoid UAF. After a call to console_unlock in vcs_read the vc_data struct can be freed by vc_deallocate. Because of that, the struct vc_data pointer load must be done at the top...

CVSS 5.5, AI score 6, EPSS 0.0001
Exploits: 0, References: 11

RedHat Linux
added 2024/09/24 2:39 a.m., 1 view

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vt_ioctl subsystem, where the vt_setactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

CVSS 5.5, AI score 7.2, EPSS 0.00016
Exploits: 0, References: 5

Tenable Nessus
added 2024/05/11 12:0 a.m., 24 views

RHEL 7 : flatpak (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - flatpak: Metadata with ANSI control codes can cause misleading terminal output CVE-2023-28101 - Flatpak i...

AI score 7.7, EPSS 0.10385
Exploits: 1, References: 2

RedHat Linux
added 2024/04/30 9:57 a.m., 2 views

kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF

In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read to avoid UAF. After a call to console_unlock in vcs_read the vc_data struct can be freed by vc_deallocate. Because of that, the struct vc_data pointer load must be done at the top...

CVSS 7.8, AI score 6.4, EPSS 0.0001
Exploits: 0, References: 5

RedHat Linux
added 2024/04/30 9:57 a.m., 1 view

kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information...

CVSS 7.1, AI score 6.8, EPSS 0.00008
Exploits: 0, References: 5

OSV
added 2024/04/12 11:7 a.m., 1 view

OESA-2024-1426 flatpak security update

flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions...

CVSS 10, AI score 6.8, EPSS 0.00698
Exploits: 0, References: 3