43 matches found
SUSE CVE-2026-43468
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq. esw-workqueue executes esw_functions_changed_event_handler - esw_vfs_changed_event_handler and acquires the devlink lock. .eswitch_mode_set acquires devlink lock in devlink_nl_pre_doit -...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that cancellation of the working state update may re-schedule it, potentially...
CVE-2025-67282
In TIM BPM Suite/TIM FLOW through 9.1.2, multiple Authorization Bypass vulnerabilities exist which allow a low-privileged user to download password hashes of other users, access work items of other users, modify restricted content in workflows, modify the application's logo and manipulate the profi...
PT-2026-1878
Name of the Vulnerable Software and Affected Versions: TIM BPM Suite/TIM FLOW versions through 9.1.2. Description: The software contains multiple authorization bypass issues. A user with low privileges can download password hashes belonging to other users, access work items owned by other users,...
CVE-2025-67282
TIM BPM Suite/TIM FLOW (through version 9.1.2) contains multiple Authorization Bypass vulnerabilities that permit a low-privilege user to: download other users’ password hashes, access other users’ work items, modify restricted workflow content, alter the application logo, and manipulate other us...
CVE-2025-64490
SuiteCRM (versions 7.14.7 and earlier; 8.0.0-beta.1 through 8.9.0) has an access-control flaw where a low-privileged user with a restrictive role can view and create work items via Resource Calendar and project screens even when related modules (Projects, Project Tasks, Tasks, Leads, Accounts, Me...
PT-2025-45499
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions 7.14.7 and prior; SuiteCRM versions 8.0.0-beta.1 through 8.9.0. Description: SuiteCRM is a Customer Relationship Management (CRM) software application. Low-privileged users with restrictive roles can view and create work items...
EUVD-2012-0780
Malware in sbrugna...
EUVD-2025-19171
Malicious code in bioql PyPI...
EUVD-2023-44106
Malicious code in bioql PyPI...
PT-2025-42269
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to the handling of timers and work items within the tc358743 device driver. Specifically, the use of timer_delete and cancel_delayed_work does no...
Linux Distros Unpatched Vulnerability : CVE-2025-6186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users ...
Linux Distros Unpatched Vulnerability : CVE-2025-5315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed...
CVE-2025-6186
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names...
CVE-2025-6186
Removed by vendor...