Updated libinput packages fix security vulnerability

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

[SECURITY] [DSA 6339-1] libinput security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2026 https://www.debian.org/security/faq -...

Debian dsa-6339 : libinput-bin - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6339 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6339-1 [email protected] https://www.debian.org/security/...

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution

...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

CVE-2025-65891

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...

CVE-2025-65891

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...

CVE-2025-65891

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the flow.cuda.getdeviceproperties function. An attacker can cause the application to crash or become unresponsive by supplying an invalid or negative device index. Remediation There is no fixed...

CVE-2025-65891

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.getdeviceproperties with an invalid or negative device index...

PT-2026-5147

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice DoS by invoking flow.cuda.get device properties with an invalid or negative device index...

CVE-2025-65891

CVE-2025-65891 is a vulnerability in OneFlow v0.9.0 where flow.cuda.get_device_properties() accepts an invalid or negative device index, leading to a Denial of Service (DoS). Multiple sources (NVD, Red Hat, OSV, CIRCL, ENISA, Snyk entries) describe a GPU device-ID validation flaw in OneFlow, with...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003658 advisory. A memory leak in the dwc3pciprobe function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003788 advisory. A memory leak in the dwc3pciprobe function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991204)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991204 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devmkmallocarray in fdpncii2creaddeviceproperties devmkmallocarray ma...

CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-54497 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical Resource

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

Cognex In-Sight Explorer和Cognex In-Sight Camera Firmware 安全漏洞

Cognex In-Sight Explorer and Cognex In-Sight Camera Firmware are both products of Cognex Corporation, U.S.A. Cognex In-Sight Explorer is a tool that has the ability to debug and program the software of its line of smart cameras.Cognex In-Sight Camera Firmware is the firmware for a range of smart...

CVE-2023-53139

In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devmkmallocarray in fdpncii2creaddeviceproperties devmkmallocarray may fails, fwvsccfg might be null and cause out-of-bounds write in devicepropertyreadu8array later...