CVE-2026-31783

A flaw was found in the Linux kernel's spi: amlogic: spifc-a4 module. The on-host NAND Error-Correcting Code ECC engine was not properly unregistered when the probe failed or during device removal. This missing cleanup could lead to resource leaks, potentially causing system instability or a deni...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013850 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdmav40ip is shared on ...

Cryptanalysis of Pseudorandom Error-Correcting Codes

Pseudorandom error-correcting codes PRC is a novel cryptographic primitive proposed at CRYPTO 2024. Due to the dual capability of pseudorandomness and error correction, PRC has been recognized as a promising foundational component for watermarking AI-generated content. However, the security of PR...

EUVD-2025-31844

A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2023-53628

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq is retired in gfx11. In gfxv110hwfini still use amdgpuirqput to disable this interrupt, which caused the call trace in this function. 102.873958 Call Trace:...

EUVD-2016-3316

Malware in sbrugna...

CVE-2025-39907 mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32fmc2: avoid overlapping mappings on ECC buffer Avoid below overlapping mappings by using a contiguous non-cacheable buffer. 4.077708 DMA-API: stm32fmc2nfc 48810000.nand-controller: cacheline tracking EEXIST,...

CVE-2025-39893 spi: spi-qpic-snand: unregister ECC engine on probe error and device remove

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: unregister ECC engine on probe error and device remove The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns with an error and also on device removal. Change...

mtd: spinand: fix memory leak of ECC engine conf

...

A Locally Differential Private Coding-Assisted Succinct Histogram Protocol

A succinct histogram captures frequent items and their frequencies across clients and has become increasingly important for large-scale, privacy-sensitive machine learning applications. To develop a rigorous framework to guarantee privacy for the succinct histogram problem, local differential...

UBUNTU-CVE-2024-56771

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information These four chips: W25N512GW W25N01GW W25N01JW W25N02JW all require a single bit of ECC strength and thus feature an on-die Hamming-like ECC engine. There is no...

SUSE CVE-2024-50190

In the Linux kernel, the following vulnerability has been resolved: ice: fix memleak in iceinittxtopology Fix leak of the FW blob DDP pkg. Make icecfgtxtopo const-correct, so iceinittxtopology can avoid copying whole FW blob. Copy just the topology section, and only when needed. Reuse the buffer...

SUSE CVE-2024-26873

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: 4613.652388...

CVE-2024-26827

Removed by vendor...

Windows Shell Infrastructure Component Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on ...

Windows Runtime Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...

Windows Error Reporting Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows Error Reporting WER when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the vulnerability could gain greater access to...

Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have...

Visual Studio Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions. An attacker who successfully exploited this vulnerability overwrite arbitrary files with XML content in the security context of the local system. To exploit this vulnerabilit...

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...