5101 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001611)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001611 advisory. A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index aft...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003874)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003874 advisory. A flaw was found in the way memory resources were freed in the unixstreamrecvmsg function in the Linux kernel when a signal was pending. This flaw allows an...
Unity Linux 20.1060e Security Update: kernel (UTSA-2026-004638)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004638 advisory. A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The...
CVE-2025-41717 Config-Upload Code Injection
An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of confidentiality, availability and integrity due to improper control of code generation 'Code...
CVE-2026-0506
The CVE-2026-0506 issue affects SAP NetWeaver ABAP/ABAP Platform (Application Server ABAP) and is caused by a Missing Authorization Check in an RFC function that can execute FORM routines. An authenticated attacker could write/modify data accessible via FORMs and invoke system functionality expos...
ROS-20260113-7347
A vulnerability in the linkdestruct function in the drivers/gpu/drm/amd/display/dc/link/linkfactory.c module of the amdgpu driver of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality,...
CVE-2022-38996
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-38987
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-38993
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-31753
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-31763
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability...
CVE-2011-0820
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel...
CVE-2021-27617
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000356)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000356 advisory. A flaw was found in the Linux kernels implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
CVE-2025-40898
A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary path...
EUVD-2025-204258
A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary path...
kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()
A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...
kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...
apache-kafka: Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A flaw was found in apache-kafka. This issue occurs due to improper handling of configuration data when using a Kafka client SASL JAAS, allowing an attacker with access to alterConfig for a cluster resource or Kafka Connect worker to inject arbitrary configuration. This injection can lead to the...