Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005737 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balanc...

EUVD-2026-9178

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

CVE-2026-0995

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

CVE-2026-0995

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2026:0669-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0669-1 advisory. - Intel CPU Microcode was updated to the 20260210 release bsc1258046 - CVE-2024-24853: Updated fix for incorrect behavior order in transition...

JeeSite 安全漏洞

JeeSite is a Java rapid development platform open-sourced by Jinan Zhuoyuan thinkgem. JeeSite versions 5.15.1 and earlier have security vulnerabilities, which stem from operations on the connection processor component, potentially leading to path traversal attacks...

SUSE SLES11 Security Update : ucode-intel (SUSE-SU-2026:0670-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0670-1 advisory. - Intel CPU Microcode was updated to the 20260210 release bsc1258046 - CVE-2024-24853: Updated fix for incorrect behavior order in transition...

OESA-2026-1440 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity atta...

microcode_ctl bug fix and enhancement update

An update is available for microcodectl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel and AMD...

CLSA-2026-1772120702 Update of linux-firmware

Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F81ver:0x0B008121, cpuid:0x00B20F40ver:0x0B204037, cpuid:0x00B40F40ver:0x0B404035, cpuid:0x00B40F41ver:0x0B404108, cpuid:0x00B60F00ver:0x0B600037, cpuid:0x00B60F80ver:0x0B608038, cpuid:0x00B70F00ver:0x0B700037; - Update AMD CPU...

SUSE-SU-2026:0669-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release bsc1258046 - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a...

Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.0 release

Red Hat build of OpenTelemetry 3.9.0 has been released This release of the Red Hat build of OpenTelemetry provides new features, security improvements, and bug fixes. Breaking changes: The deprecated OpenCensus Receiver, which provided backward compatibility with the OpenCensus project for easier...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

USN-8028-8: Linux kernel (IBM) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

USN-8029-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

CVE-2026-26283

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a continue statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger ...