Linux Distros Unpatched Vulnerability : CVE-2026-43471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007552)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007552 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix usecount leakage when handling boot-on I found a usecount leakage towards...

Security Bulletin: This Power System update is being released to address CVE-2025-38556

Summary The affects the Universal Serial Bus USB ports of the system's management interface. Vulnerability Details CVEID:CVE-2025-38556 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits Testing by the syzbot fuzz...

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to log4j-core

Summary IBM webMethods BPM uses log4j-core for process instance-specific logging in the BPM Process Engine, creating individual log files for each process instance to track execution details, errors, and debugging information separately from the general system logs. Vulnerability Details...

Security Bulletin: Due to the use of Apache Tika, IBM webMethods Integration Server is vulnerable to XML External Entity injection (CVE-2025-66516)

Summary IBM webMethods Integration Server uses Apache Tika for Reference Data functionality and vulnerability reported in Apache Tika is addressed. Vulnerability Details CVEID:CVE-2025-66516 DESCRIPTION: Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parser...

PT-2026-6557

Name of the Vulnerable Software and Affected Versions IBM webMethods Integration Server versions 10.15 through IS 10.15 Core Fix2411.1 to IS 11.1 Core Fix8 Description IBM webMethods Integration Server may reveal sensitive user information within its server responses. Recommendations Update to a...

CVE-2025-71157 RDMA/core: always drop device refcount in ib_del_sub_device_and_put()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ibdelsubdeviceandput Since nldevdeldev introduced by commit 060c642b2ab8 "RDMA/nldev: Add support to add/delete a sub IB device through netlink" grabs a reference using ibdevicegetbyindex...

GHSA-GGFF-9MJ3-7246 mailqueue TYPO3 extension affected by Insecure Deserialization in QueueableFileTransport

Description The extension extends TYPO3’s FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004. Since the related fix is overwritten by the extension, using the extension with a patched TYPO3 core version still allows for Insecure Deserialization,...

CVE-2026-0895

The extension extends TYPO3’ FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 . Since the related fix is overwritten by the extension, using the extension with a patched TYPO3 core...

CVE-2025-71091

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992991)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992991 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname...

SUSE CVE-2023-54003

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...

CVE-2025-68198 crash: fix crashkernel resource shrink

In the Linux kernel, the following vulnerability has been resolved: crash: fix crashkernel resource shrink When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues: 1. Invalid crashkernel resource objects 2. Kernel crash i...

kernel security update

3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...

PT-2025-47639

Name of the Vulnerable Software and Affected Versions IBM webMethods Integration versions 10.11 through 10.11 Core Fix22 IBM webMethods Integration versions 10.15 through 10.15 Core Fix22 IBM webMethods Integration versions 11.1 through 11.1 Core Fix6 Description IBM webMethods Integration allows...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2023-53433 net: add vlan_get_protocol_and_depth() helper

In the Linux kernel, the following vulnerability has been resolved: net: add vlangetprotocolanddepth helper Before blamed commit, pskbmaypull was used instead of skbheaderpointer in vlangetprotocol and friends. Few callers depended on skb-head being populated with MAC header, syzbot caught one of...

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...

SUSE-SU-2025:20686-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5

This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 - CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...

SUSE-SU-2025:20633-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2025-38079: crypto: algifhash - fix double free in hashaccept bsc1245218 - CVE-2025-38083: netsched: prio: fix a race in priotune bsc1245350 - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350...