Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003957 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the login UI process. An attacker can determine the existence of valid user accounts by submitting arbitrary userIDs and observing the system's response. This can be achieved by iterating through potential userI...

EUVD-2026-2497

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

EUVD-2026-2501

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...

EUVD-2026-2558

The Makesweat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'makesweatclubid' setting in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level acce...

EUVD-2026-2628

EUVD-2026-2628...

CVE-2026-20932 Windows File Explorer Information Disclosure Vulnerability

...

EUVD-2026-2249

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

EUVD-2026-2286

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...

EUVD-2026-2322

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transaction We can't log a conflicting inode if it's a directory and it was moved from one parent directory to another parent directory in the current...

MINI-PX78-QJPX-4X5M

Bulletin has no description...

EUVD-2026-2381

Due to missing authorization check in the SAP ERP Central Component SAP ECC and SAP S/4HANA SAP EHS Management, an attacker could extract hardcoded clear-text credentials and bypass the password authentication check by manipulating user parameters. Upon successful exploitation, the attacker can...

EUVD-2026-2388

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted...

EUVD-2026-2274

phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in removefile.php. The parameter file can cause any file to be deleted...

EUVD-2026-1951

Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier...

CGA-8H2R-M9J3-FWCQ

Bulletin has no description...

CVE-2026-0729

A vulnerability was detected in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /intern/admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. Remote exploitation of the attack is possible. The exploit is...

CGA-QCRV-G9RG-9346

Bulletin has no description...

CVE-2025-40048

creationtimestamp| type| source ---|---|--- 2026-01-09 13:55:27+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mbynkdmqaw2z 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen|...

CVE-2025-14172

creationtimestamp| type| source ---|---|--- 2026-01-09 13:05:43+00:00| published-proof-of-concept| Telegram/lQa5Bf1VzuIWjy0I3eIwnAwZ1-XZwzRDF1rwq6cLSRe8 2026-01-09 13:26:34+00:00| seen| https://gist.github.com/Darkcrai86/fc10e05be4b101bed5a18118b30342da 2026-01-09 15:00:45+00:00| seen|...