Huawei EMUI and Huawei HarmonyOS Communication Module Address Reading Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An address reading vulnerability exists in the Huawei EMUI and Huawei HarmonyOS communication module, which can b...

PT-2026-7589

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...

openQA-5.1770718745.ce2072d3-1.1 on GA media (moderate)

openQA-5.1770718745.ce2072d3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10168-1 Rating: moderate Cross-References: CVE-2026-25547 CVSS scores: CVE-2026-25547 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-25547 SUSE : 8.7...

libp11-kit0-0.26.2-1.1 on GA media (moderate)

libp11-kit0-0.26.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10169-1 Rating: moderate Cross-References: CVE-2026-2100 CVSS scores: CVE-2026-2100 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-2100 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

libxml2-16-2.14.5-3.1 on GA media (moderate)

libxml2-16-2.14.5-3.1 on GA media Announcement ID: openSUSE-SU-2026:10167-1 Rating: moderate Cross-References: CVE-2025-10911 CVE-2026-1757 CVSS scores: CVE-2025-10911 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-10911 SUSE : 6.8...

Oracle Linux 10 : pcs (ELSA-2026-2438)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2438 advisory. 0.12.1-1.el101.2 - Fixed CVE-2025-13465 by updating pcs-web-ui to 0.1.23.1 Resolves: RHEL-144292 Tenable has extracted the preceding description block directly...

OPENSUSE-SU-2026:10182-1 snpguest-0.10.0-2.1 on GA media

These are all security issues fixed in the snpguest-0.10.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10179-1 python311-maturin-1.11.5-1.1 on GA media

These are all security issues fixed in the python311-maturin-1.11.5-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10181-1 sccache-0.13.0~1-2.1 on GA media

These are all security issues fixed in the sccache-0.13.01-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10180-1 rustup-1.28.2~0-3.1 on GA media

These are all security issues fixed in the rustup-1.28.20-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10177-1 gnutls-3.8.12-1.1 on GA media

These are all security issues fixed in the gnutls-3.8.12-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10174-1 assimp-devel-6.0.4-1.1 on GA media

These are all security issues fixed in the assimp-devel-6.0.4-1.1 package on the GA media of openSUSE Tumbleweed...

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

CVE-2024-36311

CVE-2024-36311 describes a TOCTOU race in the SMM communications buffer that could allow a privileged attacker to bypass input validation and perform an out-of-bounds read or write, potentially impacting confidentiality, integrity, and availability. The Red Hat, NVD, CVE lists and vendor advisori...

CVE-2024-36311

A Time-of-check time-of-use TOCTOU race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2026-2245

A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

CVE-2025-31655

Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-32003

Out-of-bounds read in the firmware for some 100GbE IntelR Ethernet Network Adapter E810 before version cvl fw 1.7.6, cpk 1.3.7 within Ring 0: Bare Metal OS may allow a denial of service. Network adversary with an authenticated user combined with a low complexity attack may enable denial of servic...

CVE-2025-31944

CVE-2025-31944 concerns a race condition in certain Intel TDX Module implementations prior to tdx1.5, within Ring 0 hypervisor code. The issue may allow a denial of service when a privileged local attacker with high complexity performs a deliberate race condition under local access, with no user ...