74059 matches found
CVE-2017-20230
Storable versions before 3.05 for Perl have a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...
BIT-AIRFLOW-2026-30912 Apache Airflow: Exposing stack trace in case of constraint error
In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/exposestacktraces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue...
CLSA-2026-1776760883 poppler: Fix of CVE-2025-32364
CVE-2025-32364: fix floating-point exception in PSStack::roll when handling malformed PostScript input with INT_MIN...
Updated libtiff packages fix security vulnerabilities
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144...
MGASA-2026-0105 Updated libtiff packages fix security vulnerabilities
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144...
EUVD-2026-23950
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...
PJSIP Security Vulnerability
PJSIP is a free, open-source multimedia communication library written in C. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP versions 2.16 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the...
Perl Security Vulnerability
Perl is a general-purpose, interpreted, dynamic, and cross-platform programming language developed by the Perl community. Versions of Perl prior to 3.05 contained security vulnerabilities. These vulnerabilities stemmed from the retrieve_hook function, which stored the length of class names as...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013251)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013251 advisory. The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kern...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010956)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010956 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stac...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006923)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006923 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010725)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010725 advisory. A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013327)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013327 advisory. In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb allowed...
Nest Security Vulnerability
Nest is a Node.js framework developed by NestJS, designed for building efficient, scalable, and enterprise-level server-side applications using TypeScript/JavaScript. Versions of Nest prior to 11.1.19 contained a security vulnerability. This vulnerability stemmed from the recursive invocation of...
PT-2026-34170
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.16 and earlier. Description: A stack buffer overflow occurs in the pjsip_auth_create_digest2 function when using pre-computed digest credentials (PJSIP_CRED_DATA_DIGEST). The function copies credential data using the cred...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011059)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011059 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback Fix a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010867)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010867 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007008 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012960)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012960 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stac...
PT-2026-33993
Name of the Vulnerable Software and Affected Versions: Storable versions prior to 3.05. Description: A stack overflow exists in the retrieve_hook function. The issue occurs because the length of the class name is stored as a signed integer but is treated as unsigned during read operations, allowing ...