Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – Fix for the ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore, it’s still possible that the caller hasn’t yet called...

CVE-2026-46771

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: Java Business Objects. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the...

EUVD-2026-32442

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

CVE-2026-46060 crypto: qat - fix IRQ cleanup on 6xxx probe failure

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

CVE-2026-46060

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

PT-2026-43927

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the crypto: qat component where IRQ handlers are not properly detached when adf dev up partially completes and then fails. Because the device is enabled with pcim enab...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – The ADFSTATUSPFRUNNING flag should be set after adfdevinit. The ADFSTATUSPFRUNNING flag is only used and checked by adfvf2pfshutdown before calling adfiovputmsg-mutexlockvf2pflock. However, vf2pflock is initialized ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – resolves a race condition during AER recovery During the error recovery process of the PCI AER system, the kernel driver may encounter a race condition related to the freeing of the resetdata structure’s memory. If...

Oracle Application Development Framework 安全漏洞

The Oracle Application Development Framework is an enterprise-level application development framework developed by Oracle, a company in the United States. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of the Oracle Application Development Framework contain security vulnerabilities. These vulnerabilities...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...

@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...

Exploit for Deserialization of Untrusted Data in Oracle Application_Development_Framework

CVE-2022-21445 Exploit - PoC This toolkit generates exploit p...

EUVD-2025-147783

Malicious code in tehah-nuia-adf npm...

Malicious code in polymer-intsi-adf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d6f6803fe6fb84ac1a8eeb84ad8e9aa2d96406644709facfb7bbf0446bfeb0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in polymer-ini-adf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 832c1c99d14408568497be44cbfefe7c07de60e230a23fea28185bc516ca3e19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tehah-murs-adf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0d1bb2cb05d974d6410d75b7dbe85b9c04135516d1f868d6f9d33c6de86ea57 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-147829

Malicious code in tehah-mans-adf npm...

EUVD-2025-147775

Malicious code in tehah-nutawadr-adf npm...

EUVD-2025-147828

Malicious code in tehah-mansaat-adf npm...

EUVD-2025-147826

Malicious code in tehah-mansat-adf npm...