SUSE CVE-2022-50812
In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the links above the check for more information). Restrict...
SUSE CVE-2023-54195
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afs_make_call calls rxrpc_kernel_begin_call to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...
SUSE CVE-2023-54269
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred, the rq_xprt_ctxt pointer is moved out of the svc_rqst into the svc_deferred_req. When the deferred request is revisited, the pointer is copied into the n...
SUSE CVE-2023-54273
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-993272)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993272 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure On error situation...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992765)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992765 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out...
WordPress Inpersttion For Theme plugin <= 1.0 - Authenticated (Contributor+) Arbitrary Function Call vulnerability
Authenticated (Contributor+) Arbitrary Function Call vulnerability discovered by Peter Thaleikis in WordPress Plugin Inpersttion For Theme versions <= 1.0...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992971)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992971 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbd_start_device_ioctl syzbot reported hung task 1. The followi...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-992911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992911 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure On error situation...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992777)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992777 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insn_emulation sysctls emulation_proc_handler changes...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992846)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992846 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: 1...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-992983)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992983 advisory. In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in create_static_call_sections strdup allocates memory for key_name. We need...
RustFS has a gRPC Hardcoded Token Authentication Bypass
Vulnerability Overview Description RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is: 1. Publicly exposed in the source code repository 2. Hardcoded on both client and server sides 3. Non-configurable with no mechanism for token rotation 4. Universally vali...
EUVD-2025-205801
RustFS has a gRPC Hardcoded Token Authentication Bypass...
CVE-2025-69205
Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can craft a special federation name and characters treated special by asterisk can be injected into the Dial...
CVE-2025-68926
RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is publicly exposed in the source code repository, hardcoded on both client and server sides, non-configurable...
EUVD-2023-60372
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred, the rq_xprt_ctxt pointer is moved out of the svc_rqst into the svc_deferred_req. When the deferred request is revisited, the pointer is copied into the n...
EUVD-2023-60446
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afs_make_call calls rxrpc_kernel_begin_call to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...
CVE-2023-54322
In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text which is called by filter_irq_stacks uses __irqentry_text_start/en...
CVE-2023-54273
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...