Lucene search

8202 matches found

Microsoft CVE
added 2026/01/16 9:3 a.m. | 5 views

crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

...

CVSS 5.5 | AI score 5.4 | EPSS 0.00114
Exploits 0
NVD
added 2026/01/16 5:16 a.m. | 4 views

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

CVSS 6.1 | EPSS 0.00303
Exploits 0 | References 3
ATTACKERKB
added 2026/01/16 5:0 a.m. | 3 views

CVE-2026-0858

Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to...

CVSS 6.1 | AI score 5.7 | EPSS 0.00303
Exploits 0 | References 4
Positive Technologies
added 2026/01/16 12:0 a.m. | 5 views

PT-2026-3219

Name of the Vulnerable Software and Affected Versions: net.sourceforge.plantuml:plantuml versions prior to 1.2026.0. Description: The software is susceptible to a Stored Cross-Site Scripting (XSS) issue because of inadequate sanitization of interactive attributes within GraphViz diagrams. A specially...

CVSS 6.1 | AI score 5.8 | EPSS 0.00303
Exploits 0 | References 16
CNNVD
added 2026/01/16 12:0 a.m. | 2 views

Phpwcms security vulnerabilities

Phpwcms is an open-source content management system developed by Phpwcms. Version 1.9.30 of Phpwcms contains a security vulnerability. This vulnerability stems from allowing authenticated attackers to upload malicious SVG files, which could lead to cross-site scripting attacks...

CVSS 5.4 | AI score 5.6 | EPSS 0.00282
Exploits 1 | References 3
CNNVD
added 2026/01/16 12:0 a.m. | 3 views

SiYuan cross-site scripting vulnerabilities

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.4-dev2 contained a cross-site scripting vulnerability. This vulnerability stemmed from uploaded SVG files not being sanitized, and could lead to stored cross-site scripting attacks...

CVSS 6.1 | AI score 5.7 | EPSS 0.00251
Exploits 1 | References 4
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000805)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000805 advisory. Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecifie...

CVSS 7.8 | AI score 7.6 | EPSS 0.00496
Exploits 0 | References 17
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003656)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003656 advisory. In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To...

CVSS 4.4 | AI score 6.4 | EPSS 0.00451
Exploits 1 | References 11
Tenable Nessus
added 2026/01/16 12:0 a.m. | 6 views

MiracleLinux 7 : 389-ds-base-1.3.6.1-26.el7 (AXSA:2018-2535:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2535:01 advisory. A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use...

CVSS 7.5 | AI score 7.4 | EPSS 0.04093
Exploits 0 | References 2
Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003700 advisory. In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the...

CVSS 4.4 | AI score 6.4 | EPSS 0.00555
Exploits 1 | References 10
Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-0858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package net.sourceforge.plantuml:plantuml before 1.2026.0 are vulnerable to Stored XSS due to insufficient sanitization of interactive attribute...

CVSS 6.1 | AI score 6 | EPSS 0.00303
Exploits 0 | References 3
Tenable Nessus
added 2026/01/16 12:0 a.m. | 9 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003572 advisory. In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To...

CVSS 4.4 | AI score 6.4 | EPSS 0.00451
Exploits 1 | References 11
Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003653 advisory. In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the...

CVSS 4.4 | AI score 6.4 | EPSS 0.00555
Exploits 1 | References 10
ATTACKERKB
added 2026/01/15 11:25 p.m. | 2 views

CVE-2021-47783

Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform...

CVSS 5.4 | AI score 5.2 | EPSS 0.00282
Exploits 1 | References 3 | Affected Software 1
CVE
added 2026/01/15 11:25 p.m. | 9 views

CVE-2020-36929

CVE-2020-36929 concerns Brother BRPrint Auditor 3.0.7, which is vulnerable to an unquoted service path in its Windows services BrAuSvc and BRPA_Agent. The underlying issue allows local attackers to inject a malicious executable and escalate privileges on the system. The documented impact is local...

CVSS 8.5 | AI score 6.9 | EPSS 0.00225
Exploits 1 | References 4 | Affected Software 1
Positive Technologies
added 2026/01/15 12:0 a.m. | 3 views

PT-2026-3156

Name of the Vulnerable Software and Affected Versions: Phpwcms version 1.9.30. Description: The software contains a file upload issue that permits authenticated attackers to upload malicious SVG files containing JavaScript. Attackers can leverage the multiple file upload functionality to upload...

CVSS 5.4 | AI score 4.9 | EPSS 0.00282
Exploits 1 | References 7
Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001797 advisory. The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic an...

CVSS 7.2 | AI score 7 | EPSS 0.01478
Exploits 3 | References 39
Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002528)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002528 advisory. Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecifie...

CVSS 7.8 | AI score 7.6 | EPSS 0.00496
Exploits 0 | References 17
Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002372)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002372 advisory. The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic an...

CVSS 7.2 | AI score 7 | EPSS 0.01478
Exploits 3 | References 39
Tenable Nessus
added 2026/01/15 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002613 advisory. In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue...

CVSS 8.1 | AI score 6.6 | EPSS 0.02612
Exploits 1 | References 12