Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010686)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010686 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamond_lock DAMON debugfs interface iterates...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012982)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012982 advisory. In the Linux kernel, the following vulnerability has been resolved: qed: Don't collect too many protection override GRC elements In the protection override dump path...
Improper Verification of Cryptographic Signature
Overview: Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the managed authenticated encryptor while computing HMAC validation tag. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Note: Shared framework...
CLSA-2026-1776441540 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent O(n^2) parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
ROS-20260420-73-0025
Vulnerability in python-aiohttp related to lack of service data protection. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
TeamT5 ThreatSonar Anti-Ransomware Security Vulnerability
TeamT5 ThreatSonar Anti-Ransomware is an active and intelligent endpoint detection and response solution provided by TeamT5. TeamT5 ThreatSonar Anti-Ransomware has a security vulnerability, which stems from an OS command injection issue. This vulnerability could allow authenticated remote attacke...
PT-2026-33722
A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...
ejabberd -- Potential DDoS in XML Parser
ejabberd team reports: This release adds new options that limit max memory used by XML parser used to process XMPP payloads, to prevent potential Denial of Service attack. The default values for pre-auth provide sufficient protection for ejabberd against non-authenticated users on c2s and s2s, so...
ROS-20260420-73-0037
Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
Bit-Flip Vulnerability of Shared KV-Cache Blocks in LLM Serving Systems
Rowhammer on GPU DRAM has enabled adversarial bit flips in model weights; shared KV-cache blocks in LLM serving systems present an analogous but previously unexamined target. In vLLM's Prefix Caching, these blocks exist as a single physical copy without integrity protection. Using software fault...
DjangoBlog Security Vulnerability
DjangoBlog is a blog system developed by liangliangyy using Django. Versions of DjangoBlog 2.1.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from operations on the owntracks/views.py file, which results in a lack of authentication protection, potentially allowing for...
ChurchCRM Security Vulnerability
ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.2.0 contained security vulnerabilities. These vulnerabilities stemmed from the family record deletion endpoint, which performed permanent deletions via a pure GET request without verifying the CSRF...
CVE-2026-21733 RESERVED
Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED...
CVE-2025-70795
STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...
SUSE CVE-2023-20585
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity...
Security update for NetworkManager
This update for NetworkManager fixes the following issue: CVE-2025-9615: Fixed non-admin user using others' certificates (bsc#1257359). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run th...
CVE-2025-15622
Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secret. Desktop client decodes the secret and uses the plaintext secret to exchange it into an access and id tokens as part of the OpenID authentication fl...
ROS-20260417-73-0035
Vulnerability in zabbix7.2 related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007481)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007481 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages...