671 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fixed issues related to REVERSEINULL reported by Coverity. Null-checking of a pointor was suggested before dereferencing it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm: zynqmpdp: Fixed integer overflow in zynqmpdprateget This patch addresses a potential integer overflow in zynqmpdprateget. The issue arises when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The default value for “denominator” is initialized to 1. WHAT & HOW Variables that are used as denominators and may not be assigned to other values should be initialized to a non-zero value to avoid “DIVIDEBYZERO...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7921: Resource leaks in mt7921checkoffloadcapability The coverage issue related to resource leaks was fixed. In this case, the variable “fw” goes out of scope, causing the storage it points to to be leaked. This iss...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fixed potential NULLptr dereferencing issues. If SKB allocation fails, continue instead of using a NULL pointer. Coverity CID: 1497650...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The value of UnboundedRequestEnabled was checked. The UnboundedRequestEnabled parameter in CalculateSwathAndDETConfigurationparamsst is a pointer i.e., dmlboolt UnboundedRequestEnabled. Therefore, if...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed a use-after-free in i40eclientsubtask. Currently, the call to i40eclientdelinstance frees the object pf-cinst. However, pf-cinst-laninfo is accessed after the object is freed. This issue was fixed by adding the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013270)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013270 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 tcp/udp: Fix memleaks of sk and zerocopy skb...
EUVD-2026-16595
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...
CVE-2026-1496
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...
CVE-2026-1496 Coverity CLI Authentication Bypass
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...
CVE-2026-1496
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...
CVE-2026-1496 Coverity CLI Authentication Bypass
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...
CVE-2026-1496
Coverity Connect CLI authentication bypass (CVE-2026-1496) affects vulnerable versions of Coverity Connect. The root cause is a missing error handler in the authentication logic for command line tooling, enabling an attacker with access to the /token endpoint to craft a request that bypasses auth...
PT-2026-28312
Name of the Vulnerable Software and Affected Versions Coverity Connect affected versions not specified Description The authentication logic in the command line tooling for Coverity Connect is missing an error handler, leading to a potential authentication bypass. An attacker with access to the...
Synopsys Coverity Connect 安全漏洞
Synopsys Coverity Connect is a web-based platform provided by Synopsys, Inc. It primarily consists of static code analysis tools and dynamic code analysis tools. Synopsys Coverity Connect has security vulnerabilities; one of these vulnerabilities stems from the identity verification logic in the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005116)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005116 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks...
CVE-2018-1000104
A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured keystore and priva...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992771)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992771 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbsclsetscalerfilter if filter is null Callers can pass null in filter i.e...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992947)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992947 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize getbytesperelement's default to 1 Variables, used as denominators and...