CVE-2026-0506

The CVE-2026-0506 issue affects SAP NetWeaver ABAP/ABAP Platform (Application Server ABAP) and is caused by a Missing Authorization Check in an RFC function that can execute FORM routines. An authenticated attacker could write/modify data accessible via FORMs and invoke system functionality expos...

ROS-20260113-7347

A vulnerability in the linkdestruct function in the drivers/gpu/drm/amd/display/dc/link/linkfactory.c module of the amdgpu driver of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality,...

CVE-2022-38996

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-38987

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-38993

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31753

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31763

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability...

CVE-2011-0820

Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel...

CVE-2021-27617

The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000356)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000356 advisory. A flaw was found in the Linux kernels implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl...

kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails

A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...

CVE-2025-40898

A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary path...

EUVD-2025-204258

A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary path...

kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()

A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

apache-kafka: Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration

A flaw was found in apache-kafka. This issue occurs due to improper handling of configuration data when using a Kafka client SASL JAAS, allowing an attacker with access to alterConfig for a cluster resource or Kafka Connect worker to inject arbitrary configuration. This injection can lead to the...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

kernel: ice: ice_adapter: release xa entry on adapter allocation failure

A NULL pointer dereference exists in the Linux kernel such that ice: iceadapter fails to release a reserved XArray entry when iceadapternew fails. As a result, subsequent insertions at the same index may return -EBUSY, which can lead to damage to system availability, integrity, and confidentialit...

expat: Large number of prefixed XML attributes on a single tag can crash libexpat

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...