kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

Huawei HarmonyOS Improper Security Check Vulnerability

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from an Improper Security Check vulnerability that originates from a vulnerability in the improper standard security check in the card module, which can be exploited by a...

Huawei HarmonyOS Competitive Conditions Vulnerability

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from a competitive condition vulnerability, which originates from a competitive condition vulnerability in the audio module, and can be exploited by an attacker to affect...

Huawei HarmonyOS camera framework module multithreaded conditional contention vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A multi-threaded conditional contention vulnerability exists in the Huawei HarmonyOS camera framework module, which can be exploited by attackers to cause an...

Huawei HarmonyOS camera framework module multi-threaded conditional contention vulnerability (CNVD-2026-00621)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A multi-threaded conditional contention vulnerability exists in the Huawei HarmonyOS camera framework module, which can be exploited by an attacker to cause...

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-3056050)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which arises from a multi-threaded race condition that can be exploited by an attacker to cause an impac...

Huawei HarmonyOS Multi-threaded Competitive Condition Vulnerability

Huawei HarmonyOS is Huawei's self-developed distributed operating system, designed for cell phones, tablets, smart homes and other full-scene devices to achieve seamless cross-device collaboration. Huawei HarmonyOS suffers from a multi-threaded competitive condition vulnerability that can be...

OPENSUSE-SU-2025:15811-1 keylime-config-7.13.0+40-1.1 on GA media

These are all security issues fixed in the keylime-config-7.13.0+40-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15809-1 firefox-esr-140.6.0-1.1 on GA media

These are all security issues fixed in the firefox-esr-140.6.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15810-1 gio-branding-upstream-2.86.3-1.1 on GA media

These are all security issues fixed in the gio-branding-upstream-2.86.3-1.1 package on the GA media of openSUSE Tumbleweed...

CLSA-2025-1765310530 Update of java-1.8.0-openjdk

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u472-b08 GA...

CLSA-2025-1765310385 Update of java-11-openjdk

Upgrade to openjdk-11.0.29+7 GA...

EUVD-2025-201850

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

EUVD-2025-201852

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

EUVD-2025-201854

SAPUI5 and OpenUI5 packages use outdated 3rd party libraries with known security vulnerabilities. When markdown-it encounters special malformed input, it fails to terminate properly, resulting in an infinite loop. This Denial of Service via infinite loop causes high CPU usage and system...

EUVD-2025-201853

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

EUVD-2025-201918

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

EUVD-2025-201946

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

CVE-2025-42877

SAP Web Dispatcher, Internet Communication Manager ICM, and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity of the application...

CVE-2025-42874

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...