477 matches found
PT-2026-43834
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The map direct value addr function of the instruction array map incorrectly adds an offset to the resulting address. This occurs because the resolve pseudo ldimm64 function subsequently...
PT-2026-43925
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A race condition exists in the amphion VPU driver within the Linux kernel. This occurs when v4l2 m2m ctx release frees the m2m ctx context while v4l2 m2m try run is attempting to call devic...
CVE-2025-43290
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system...
PT-2026-43422
Name of the Vulnerable Software and Affected Versions macOS versions prior to Sequoia 15.7 macOS versions prior to Tahoe 26 Description A race condition exists that allows an application to gain root privileges, enabling unauthorized access to system resources. This issue has been exploited in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: Fixed clkhwgetclk when dev is NULL. Any registered clkcore structure may have a NULL pointer in its dev field. Although this has never been officially documented, this is evident from the widespread use of clkregister and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa – Fix for the asyncdisable descriptor leak The paths for disabling asyncdisable in functions like iaacompress and decompress do not free the idxd descriptors when asyncdisable is set. Currently, this issue only occurs...
CVE-2026-43477
In the Linux kernel, the following vulnerability has been resolved: drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling TRANSDDIFUNCCTL. Personally I was only able to reproduce a hang on an Dell X...
kernel security update
4.18.0-553.124.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
EUVD-2026-29280
A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination...
EUVD-2026-29217
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges...
CVE-2026-28978
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...
CVE-2026-28920
CVE-2026-28920 describes an information-leakage issue that Apple fixed by adding input/validation checks. The vulnerability affects multiple Apple platforms and is mitigated by updates: iOS/iPadOS 18.7.9 and 26.5, macOS Sequoia 15.7.7, Sonoma 14.8.7, Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS ...
CVE-2026-28930
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...
CVE-2026-28986
A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination...
CVE-2026-28996
CVE-2026-28996 affects Apple OS components where a race condition was addressed with additional validation. The advisory notes the issue could allow an app to access sensitive user data and is fixed in specific versions: iOS 26.5 and iPadOS 26.5; macOS Sequoia 15.7.7; macOS Sonoma 14.8.7; macOS T...
CLSA-2026-1778505256 python: Fix of 2 CVEs
CVE-2021-3733: fix ReDoS in urllib2 AbstractBasicAuthHandler regex; the legacy '?:.,' prefix is replaced with the upstream-3.x form '?:^|,' and the scheme charset excludes ',' to prevent quadratic backtracking on crafted WWW-Authenticate headers - CVE-2021-23336: stop accepting ';' as a default...
PT-2026-39824
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Tahoe versions prior to 26.5 visionOS versions prior to 26.5 watchOS versions prior to 26.5 Description A permissions issue exists where an app may be able to bypass certain Privac...
PT-2026-39760
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges...
PT-2026-39838
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...
UBUNTU-CVE-2026-43353
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that timeout around the same time. However, the function is not serialized and can race with itself...