8489 matches found
CVE-2026-1008
A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...
CVE-2026-1008 Stored Cross-Site Scripting in Altium Live User Profile Fields
A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input sanitization allows authenticated users to inject arbitrary HTML and JavaScript payloads using whitespace-based attribute parsing bypass techniques. The injected...
CVE-2025-60011
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices. When an affected device receives a...
CVE-2025-60011
CVE-2025-60011 describes an improper check for unusual or exceptional conditions in Juniper Junos OS and Junos OS Evolved rpd, enabling an unauthenticated, network-based attacker to cause availability impact on downstream devices. When a device receives a specific optional transitive BGP attribut...
CVE-2025-60011 Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propagation to peers causing sessions to flap
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an availability impact for downstream devices. When an affected device receives a...
net: openvswitch: fix middle attribute validation in push_nsh() action
...
CVE-2025-71096
An uninitialized memory read flaw was found in the Linux kernel's RDMA netlink subsystem. When processing IP resolution responses (RDMA_NL_LS_OP_IP_RESOLVE), the code did not properly validate that the required LS_NLA_TYPE_DGID attribute was present. A malformed userspace netlink message missing this...
SUSE CVE-2025-68785
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh() action. The push_nsh() action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_NSH_KEY_ATTR_BASE,...)) The outermost OVS_ACTION_ATTR_PUSH_NSH attribute is OK'ed by the...
CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback. Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 [#1] SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 #1 PREEMPT(full) Hardware...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003288)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003288 advisory. In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station wh...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001980)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001980 advisory. Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002250)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002250 advisory. The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002742 advisory. In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002591 advisory. Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via...
Pimcore access control vulnerability
Pimcore is an open-source web content management platform developed by the Austrian company Pimcore. This platform integrates applications such as web content management, e-commerce frameworks, and product information management. Pimcore has a security vulnerability related to access control, whi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002777)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002777 advisory. In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002281 advisory. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002864 advisory. An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs...