CLSA-2026-1777541514 binutils: Fix of 3 CVEs

CVE-2025-66862: fix buffer overflow in gnuspecial cplus-dem.c - CVE-2025-66863: fix denial of service in ddiscriminator cp-demangle.c - CVE-2025-66865: fix denial of service in dprintcompinner cp-demangle.c...

CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection

A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

PT-2026-20645

A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysis not.php. This manipulation of the argument comp id causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

Code-Projects Patient Record Management System 安全漏洞

The Code-Projects Patient Record Management System is an open-source medical record management system developed by Code-Projects. Version 1.0 of the Code-Projects Patient Record Management System contains a security vulnerability. This vulnerability stems from incorrect handling of the compid...

CVE-2025-68783

An out-of-bounds write flaw was found in the Linux kernel's ALSA USB mixer driver for Tascam US-16x08 audio interfaces. The getmeterlevelsfromurb function extracts channel indices from USB packets without validating the range. A malicious or malfunctioning USB device can send packets with...

CVE-2025-68790 net/mlx5: Fix double unregister of HCA_PORTS component

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix double unregister of HCAPORTS component Clear hcadevcomcomp in device's private data after unregistering it in LAG teardown. Otherwise a slightly lagging second pass through mlx5unloadone might try to unregister it...

EUVD-2022-55812

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...

CVE-2022-50749

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...

kernel: zram: fix NULL pointer in comp_algorithm_show()

In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in compalgorithmshow LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ 3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0...

EUVD-2025-36483

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: set the comp soundwire port correctly For some reason we endup with setting soundwire port for HPHLCOMP and HPHRCOMP as zero, this can potentially result in a memory corruption due to accessing and setting ...

CVE-2025-40045 ASoC: codecs: wcd937x: set the comp soundwire port correctly

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: set the comp soundwire port correctly For some reason we endup with setting soundwire port for HPHLCOMP and HPHRCOMP as zero, this can potentially result in a memory corruption due to accessing and setting ...

SUSE CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

EUVD-2025-34589

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

CVE-2023-53669 tcp: fix skb_copy_ubufs() vs BIG TCP

In the Linux kernel, the following vulnerability has been resolved: tcp: fix skbcopyubufs vs BIG TCP David Ahern reported crashes in skbcopyubufs caused by TCP tx zerocopy using hugepages, and skb length bigger than 68 KB. skbcopyubufs assumed it could copy all payload using up to MAXSKBFRAGS...

EUVD-2020-24081

Malware in sbrugna...

EUVD-2023-50468

Malicious code in bioql PyPI...

MAL-2025-46337 Malicious code in tju-comp-arch-lixuewei (npm)

The package tju-comp-arch-lixuewei was found to contain malicious code...

Malicious code in tju-comp-arch-lixuewei (npm)

The package tju-comp-arch-lixuewei was found to contain malicious code...

Malicious code in nudt-comp-arch (npm)

The package nudt-comp-arch was found to contain malicious code...