PT-2026-2185

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 contain a heap-buffer-overflow issue in the...

CVE-2026-22188

Panda3D versions up to and including 1.10.16 deploy-stub contains a denial of service vulnerability due to unbounded stack allocation. The deploy-stub executable allocates argvcopy and argvcopy2 using alloca based directly on the attacker-controlled argc value without validation. Supplying a larg...

CVE-2026-22188

Panda3D up to version 1.10.16 is affected by a DoS due to unbounded stack allocation in the deploy-stub. The deploy-stub allocates argv_copy and argv_copy2 with alloca() based on attacker-controlled argc without validation, which can exhaust stack space and crash the process during Python interpr...

CVE-2019-7886

A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

CVE-2025-13529 Unify <= 3.4.9 - Missing Authorization to Unauthenticated Option Deletion via 'unify_plugin_downgrade' Parameter

The Unify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'init' action in all versions up to, and including, 3.4.9. This makes it possible for unauthenticated attackers to delete specific plugin options via the 'unifyplugindowngrad...

WordPress plugin Unify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000508)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000508 advisory. An issue was discovered in slcbump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized canframe data,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000520 advisory. drivers/gpu/drm/radeon/radeondisplay.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference. NOTE: A...

CVE-2026-21677

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...

CVE-2026-21677 iccDEV has Undefined Behavior in CIccCLUT::Init()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...

EUVD-2026-1152

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets the size of a CLUT. This issue is fixed in version 2.3.1.1...

CVE-2026-21677

CVE-2026-21677 affects iccDEV. Versions prior to 2.3.1 have Undefined Behavior in CIccCLUT::Init that initializes and sets the size of a CLUT; this is fixed in version 2.3.1.1. Red Hat and NVD entries describe the issue consistently. The CVSS base score is 8.8 (HIGH) with network attack vector, n...

SUSE CVE-2024-41260

A static initialization vector IV in the encrypt function of netbird management's service from v0.23.2 to v0.29.1 allows attackers to obtain sensitive information email addresses when in possession of the audit events database...

SUSE CVE-2025-68762

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning at kernel/workqueue.c:4242 in flushwork occurs because the cleanup...

PT-2026-1407

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.1 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain Undefined Behavior in the CIccCLUT::Init function, which initializes and sets...

CVE-2025-68762

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning at kernel/workqueue.c:4242 in flushwork occurs because the cleanup...

UBUNTU-CVE-2025-68762

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning at kernel/workqueue.c:4242 in flushwork occurs because the cleanup...

CVE-2025-68762

The CVE-2025-68762 issue concerns the Linux kernel netpoll subsystem. The root cause is a cleanup path that cancels a work queue (refill_wq) which had not been initialized when a device with IFF_DISABLE_NETPOLL triggers an early failure in __netpoll_setup(). The documentation states this caused a...

CVE-2025-68762 net: netpoll: initialize work queue before error checks

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning at kernel/workqueue.c:4242 in flushwork occurs because the cleanup...