PT-2026-29028

Name of the Vulnerable Software and Affected Versions osrg GoBGP versions through 4.3.0 Description A security issue exists in osrg GoBGP up to version 4.3.0. The issue resides in the DecodeFromBytes function within the pkg/packet/bgp/bgp.go file, specifically in the BGP OPEN Message Handler...

PT-2026-22234

Name of the Vulnerable Software and Affected Versions Crypt::SysRandom::XS versions prior to 0.010 Description The software contains a flaw in the random bytes function where it does not properly validate the input length parameter. Supplying a negative value for length can lead to an integer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992947)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992947 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize getbytesperelement's default to 1 Variables, used as denominators and...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993238)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993238 advisory. In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993065)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993065 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytescompl On one of our machines we got: kernel BUG at...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992683 advisory. In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992518 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInReques...

SUSE CVE-2023-54011

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix an issue found by KASAN Write only correct size 32 instead of 64 bytes...

CVE-2022-50756

The CVE-2022-50756 issue affected Linux kernel NVMe-PPCI path where mempool allocation size for PRP lists could be inadequate, causing memory corruption in worst case when 4MB across 127 phys segments requires 2 PRP Lists (previously rounded to 1). A fix was implemented by converting the max size...

CVE-2023-54011

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix an issue found by KASAN Write only correct size 32 instead of 64 bytes...

CVE-2022-50689 Cobian Reflector 0.9.93 RC1 Local Denial of Service via Password Field

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

CVE-2025-66908

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormDatacontentType =...

CVE-2025-62000

BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other...

CVE-2023-53950

CVE-2023-53950 affects InnovaStudio WYSIWYG Editor 5.4. The vulnerability is an unrestricted file upload via filename manipulation that bypasses file extension restrictions, enabling attackers to upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent...

EUVD-2025-204533

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormDatacontentType =...

CVE-2025-66908

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormDatacontentType =...

CVE-2025-66908

Turms AI-Serving module (v0.10.0-SNAPSHOT and earlier) has an improper file type validation in the OCR image upload feature. The OcrController relies on client-provided Content-Type headers and file extensions, without validating file content via magic bytes. This can enable uploading arbitrary f...

CVE-2025-62000

BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method fro...

CVE-2025-62000

BullWall Ransomware Containment has an incomplete file-inspection mechanism that relies on header-byte evaluation. An authenticated attacker could encrypt a file while leaving the first four bytes unchanged, bypassing this specific detection method. The issue is limited: BullWall also employs add...

CVE-2025-62000 BullWall Ransomware Containment incomplete file inspection

BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method fro...