gatekeeper_wan_poc_server

This is the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013005)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013005 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the...

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fi...

PT-2026-26661

Name of the Vulnerable Software and Affected Versions MariaDB versions 11.4 prior to 11.4.10 MariaDB versions 11.8 prior to 11.8.6 Description An authenticated user can cause a server crash due to a buffer overflow in dynamic memory heap out-of-bounds write within the JSON SCHEMA VALID function...

EUVD-2025-201571

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed meshsenddone timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT removes the hdev, like oth...

AZL-70550 CVE-2025-11731 affecting package libxslt for versions less than 1.1.34-9

A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads...

EUVD-2019-15293

Malware in sbrugna...

UBUNTU-CVE-2023-53564

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents ocfs2defragextent ocfs2moveextent + ocfs2journalaccessdi + ocfs2splitextent //sub-paths call jbd2journalrestart + ocfs2journaldirty...

EUVD-2024-53287

Malicious code in bioql PyPI...

EUVD-2023-33027

Malicious code in bioql PyPI...

CVE-2025-38713 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc The hfsplusreaddir method is capable to crash by calling hfsplusuni2asc: 667.121659 T9805 ================================================================== 667.122651 T9805...

SUSE CVE-2025-22002

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many filesystems such as NFS and Ceph do not implement the invalidatecache method. On those filesystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS, which stems from a reuse-after-release issue that could cau...

crash bug fix and enhancement update

An update is available for crash. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.5...

CVE-2022-48982 Bluetooth: Fix crash when replugging CSR fake controllers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2024-41042

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection because a cycle will result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

CVE-2024-41042

Based on the provided documents, CVE-2024-41042 affects the Linux kernel nf_tables component. The vulnerability stems from the loop-detection path: nf_tables_check_loops() and its helpers were used to detect cycles in nft chains. The affected code path is nf_tables: the fix replaces or removes lo...

AZL-35271 CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-3

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...

[slackware-security] libcaca

New libcaca packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libcaca-0.99.beta20-i586-1slack15.0.txz: Upgraded. Fixed a crash bug a crafted file defining width of zero leads to divide by zero a...

SUSE CVE-2019-11499

In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message...