SUSE CVE-2026-42338

ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage emitted by the Address6...

LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang()

...

PT-2026-44279

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the LoongArch architecture where the loongson gpu fixup dma hang function may fail to handle certain switch cases. This can lead to an Address Detection Error ADE...

CVE-2026-42338

ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage emitted by the Address6...

ip-address 跨站脚本漏洞

ip-address is a JavaScript library developed by Beau Gunderson, designed for verifying and manipulating IPv4 and IPv6 addresses. Versions prior to 10.1.1 of ip-address had a cross-site scripting vulnerability. This vulnerability stemmed from the Address6.group and Address6.link methods not proper...

CVE-2025-71270

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38158)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38158 advisory. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address erro...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: hisiaccvfiopci: fixed the XQE DMA address error. The DMA addresses of EQE and AEQE are incorrect after migration, resulting in failures in the guest kernel-mode encryption services. By comparing the definitions of hardware...

EUVD-2025-19786

Malicious code in bioql PyPI...

EUVD-2022-54481

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after...

hisi_acc_vfio_pci: fix XQE dma address error

...

firefox: thunderbird: Large branch table could lead to truncated instruction

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...

firefox: thunderbird: Large branch table could lead to truncated instruction

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...

CVE-2025-38158

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-38158

CVE-2025-38158 affects the Linux kernel (hisi_acc_vfio_pci) and fixes an XQE/AEQE DMA address error observed after migration. The root cause is an incorrect address construction when reading hardware registers, causing wrong DMA addresses for EQE/AEQE and guest kernel‑mode encryption services to ...

CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2024-53072 platform/x86/amd/pmc: Detect when STB is not available

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amdpmc module as: amdpmc enablestb=1 ...can result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on R...

The vulnerability of the application software interface of Juniper Networks Junos OS Evolved allows a hacker to circumvent security restrictions.

The vulnerability of the application software interface of Juniper Networks Junos OS Evolved relates to incorrect comparison of subnet addresses. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions from a remote location...