Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.3. Security issues fixed: CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208...

UBUNTU-CVE-2025-68281

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

CVE-2025-68281

The CVE-2025-68281 entry concerns the Linux kernel ASoC SDCA component. The root cause is a mismatch in the sdca_control structure where the values field is declared as an integer array but memory was allocated as a char array, causing a crash in the sdca_parse_function API. A patch was applied t...

CVE-2025-40354 drm/amd/display: increase max link count and fix link->enc NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: increase max link count and fix link-enc NULL pointer access why 1. dc-linksMAXLINKS array size smaller than actual requested. maxconnector + maxdpia + 4 virtual = 14. increase from 12 to 14. 2. hwinit access nul...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an undersized dc-links array and a NULL pointer access issue that could cause the kernel to crash...

ROS-20251216-7309

Vulnerability in guacamole-server related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20251216-7308

Vulnerability in guacamole related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

EUVD-2025-203301

A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/viewunit.php. The manipulation of the argument chkId leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available a...

PT-2025-51166

A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/view unit.php. The manipulation of the argument chkId leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available...

SUSE CVE-2025-7709

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds...

Account Hijacking

prestashop/pscheckout is vulnerable to Account hijacking. The vulnerability is due to the incorrect use of arraysearch in the backoffice logic, which allows an attacker to hijack the targeted PayPal merchant account...

MGASA-2025-0325 Updated webkit2 packages fix security vulnerabilities

A website may be able to exfiltrate sensitive system information. Description: The issue was addressed through improved state checks - CVE-2025-13947. Processing maliciously crafted web content may lead to an unexpected process crash. Description: Multiple issues were addressed by disabling array...

EUVD-2022-55707

In the Linux kernel, the following vulnerability has been resolved: power: supply: adp5061: fix out-of-bounds read in adp5061getchgtype ADP5061CHGSTATUS1CHGSTATUS is masked with 0x07, which means a length of 8, but adp5061chgtype array size is 4, may end up reading 4 elements beyond the end of th...

EUVD-2022-55717

In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...

SUSE CVE-2022-50623

In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...

SUSE CVE-2023-53748

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...

SUSE CVE-2025-40303

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

CVE-2022-50649 power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()

In the Linux kernel, the following vulnerability has been resolved: power: supply: adp5061: fix out-of-bounds read in adp5061getchgtype ADP5061CHGSTATUS1CHGSTATUS is masked with 0x07, which means a length of 8, but adp5061chgtype array size is 4, may end up reading 4 elements beyond the end of th...

Secure Wireless Communication Using Distributed Coherent Transmission and Spatial Signal Decomposition

We present a new approach to secure wireless communications using coherent distributed transmission of signals that are spatially decomposed between a two-element distributed antenna array. High-accuracy distributed coordination of microwave wireless systems supports the ability to transmit...

CVE-2023-53748

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...