Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000247)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000247 advisory. TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side...

CVE-2025-14124

The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

EUVD-2026-1042

AIOHTTP Vulnerable to Cookie Parser Warning Storm...

EUVD-2026-1043

AIOHTTP vulnerable to DoS through chunked messages...

CVE-2025-14124 Team < 5.0.11 - Unauthenticated SQLi

The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

CVE-2025-14124 Team < 5.0.11 - Unauthenticated SQLi

The Team WordPress plugin before 5.0.11 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

PT-2026-1040

Name of the Vulnerable Software and Affected Versions WP User Frontend plugin for WordPress versions up to and including 4.2.4 Description The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress has an...

PT-2026-5524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the update eth regs async function when asynchronously writing to device registers. If usb submit urb fails, resources allocated up to that point are not released...

PT-2026-6123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a deadlock issue involving NFSv4.1 state recovery. The deadlock occurs when kthreadd attempts to reclaim memory by calling the nfs release folio function, which...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993179)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993179 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993226)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993226 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in u...

Linux Distros Unpatched Vulnerability : CVE-2023-54323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature...

UBUNTU-CVE-2023-54323

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...

CVE-2023-54323 cxl/pmem: Fix nvdimm registration races

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...

iomap: allocate s_dio_done_wq for async reads as well

...

SUSE CVE-2022-50726

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2025-68357 iomap: allocate s_dio_done_wq for async reads as well

In the Linux kernel, the following vulnerability has been resolved: iomap: allocate sdiodonewq for async reads as well Since commit 222f2c7c6d14 "iomap: always run error completions in user context", read error completions are deferred to sdiodonewq. This means the workqueue also needs to be...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the existence of post-release reuse of the asynchronous command interface...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not allocating sdiodonewq for asynchronous reads, which could lead to a failure of error completion processi...

[SECURITY] Fedora 42 Update: mingw-libsoup-2.74.3-14.fc42

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...