CVE-2021-4142
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. A few factors could allow an attacker to use the SCA (simple…
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A…
A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to…
A vulnerability was found in the Linux kernel’s eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local…
An arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to improperly configured YAML parsing,…
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP…
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel’s eBPF due to improper input validation. This flaw allows a local attacker…
A NULL pointer dereference flaw was found in GnuTLS. As Nettle’s hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This…
A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server…
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the uri-template-lite npm package, when an attacker is able to supply arbitrary input…