17712 matches found
CVE-2026-6437
Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver aws-efs-csi-driver before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To remediate this issue, users...
Chromium: CVE-2026-6360 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
USN-8187-1 linux-nvidia-tegra, linux-nvidia-tegra-igx vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8187-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8186-1 linux-intel-iot-realtime, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8180-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8180-2 linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...
USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
EUVD-2025-209517
Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low privileged attacker with...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8183-1: Linux kernel (GCP) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8177-1: Linux kernel vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
MAL-2026-2837 Malicious code in solanakit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3e8770458eab636335241e359b6cee149cc00640fb2418b4462c89ec88accc93 During import, the code downloads and starts a malicious package hosted on GitHub. It then first ensures persistency e.g., through the autostart registry key...
Dell PowerProtect Data Domain 安全漏洞
Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Security vulnerabilities exist in versions 7.7.1.0 to 8.5 of Dell PowerProtect Data Domain BoostFS, as well as in versions 8.3.1.0 to...
PT-2026-33485
Name of the Vulnerable Software and Affected Versions AWS EFS CSI Driver versions prior to v3.0.1 Description Improper neutralization of argument delimiters in the volume handling component allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-007339)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007339 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid rep...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007623)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007623 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4readrelease When tracing is enabled, the tracenfsdreaddone trace point...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007414)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007414 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds i...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007557)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007557 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007432 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extentmap for free space inode on write error While running the CI for an...