CVE-2026-1000 MailerLite - WooCommerce integration <= 3.1.3 - Missing Authorization to Data Deletion

The MailerLite - WooCommerce integration plugin for WordPress is vulnerable to unauthorized data modification and deletion in all versions up to, and including, 3.1.3. This is due to missing capability checks on the resetIntegration function. This makes it possible for authenticated attackers, wi...

MiracleLinux 7 : ntp-4.2.6p5-22.2.0.1.el7.AXS7 (AXSA:2016-476:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-476:01 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004062 advisory. A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop. Tenable has...

MiracleLinux 7 : chrony-2.1.1-1.0.1.el7.AXS7 (AXSA:2015-927:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-927:01 advisory. A client/server for the Network Time Protocol, this program keeps your computer's clock accurate. It was specially designed to support systems with...

MiracleLinux 4 : ntp-4.2.6p5-5.2.0.1.AXS4 (AXSA:2015-521:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-521:05 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000606 advisory. The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization...

MiracleLinux 4 : ntp-4.2.6p5-10.2.0.1.AXS4 (AXSA:2017-1289:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1289:01 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002163 advisory. The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001846 advisory. The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization...

CVE-2026-21221

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...

CVE-2026-20830

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...

CVE-2026-20836

Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20814

Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-20853

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

[SECURITY] Fedora 43 Update: chezmoi-2.69.0-1.fc43

Manage your dotfiles across multiple diverse machines, securely...

kernel: Bluetooth: hci_conn: Fix crash on hci_create_cis_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix crash on hcicreatecissync When attempting to connect multiple ISO sockets without using DEFERSETUP may result in the following crash: BUG: KASAN: null-ptr-deref in hcicreatecissync+0x18b/0x2b0 Read of size...

AmbShield: Enhancing Physical Layer Security with Ambient Backscatter Devices against Eavesdroppers

Passive eavesdropping compromises confidentiality in wireless networks, especially in resource-constrained environments where heavyweight cryptography is impractical. Physical layer security PLS exploits channel randomness and spatial selectivity to confine information to an intended receiver wit...

ROS-20260114-7325

A vulnerability in the sound/core/seq/oss/seqosssynth.c module of the Linux operating system kernel is related to synchronization errors when using a shared resource "Race Situation" when processing SysEx messages. Exploitation of the vulnerability could allow an attacker to cause a denial of...

ROS-20260114-7326

A vulnerability in the hcicblist function of the Linux kernel Bluetooth driver is related to synchronization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...