EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-1237)

According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003871 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

PT-2025-32159 · Nvidia · Nvidia Triton Inference Server

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server affected versions not specified Description: NVIDIA Triton Inference Server contains an issue in the Python backend that could allow an attacker to cause an out-of-bounds write. Successful exploitation of this...

CVE-2024-40746

A stored cross-site scripting XSS vulnerability in HikaShop Joomla Component 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the description parameter of any product. The description parameter is not sanitised in the...

CVE-2020-26270

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

USN-6724-1 linux, linux-aws, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-starfive, linux-starfive-6.5 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

New Relic: [NR Insights] Pull any Insights/NRQL data from any NR account

@jonbottarini discovered an issue where a feature within a cloud integration wasn't properly validating account IDs. This report helped us identify a backend issue that could prevent account validation from taking place in certain situations. This was a fun one! The full writeup is for this bug i...

Error in handleInterruptedCoalesceLeaf when trying to scan the Storage on XenServer

Error in XenCenter - SR failed to complete the operation Error in /var/log/SMlog -25840 2012-12-14 10:52:35.402274 lock: released /var/lock/sm/lvm-579fdc35-f120-398e-397e-b12179c9531c/83b6fcfd-e9ed-432b-b662-d8d28f9ccca525840 2012-12-14 10:52:35.402380 lock: closed...

USN-2974-1 qemu, qemu-kvm vulnerabilities

Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...