Astra Linux - уязвимость в ffmpeg

Buffer overflow vulnerability in FFmpeg 4.2, located in the filteredges function in libavfilter/vfyadif.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux – Vulnerability in Pixman

In libpixman in Pixman before version 0.42.2, there is an out-of-bounds write vulnerability also known as a heap-based buffer overflow in the rasterizeedges8 function, due to an integer overflow in the pixmansamplefloory function...

JLSEC-2026-175

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterizeedges8 due to an integer overflow in pixmansamplefloory...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011313 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to preven...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007406)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007406 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to preven...

CVE-2025-40304

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...

DEBIAN-CVE-2025-40304

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...

UBUNTU-CVE-2025-40304

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...

CVE-2025-40304

CVE-2025-40304: Linux kernel fbdev rendering bounds check added for bit_putcs to prevent vmalloc-out-of-bounds writes when clipping framebuffer text at screen edges. The fix clips Y off-screen, adjusts image height, breaks on off-screen X, and updates the character count when clipping width to av...

CVE-2025-40304 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ffmpeg (UTSA-2025-936113)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-936113 advisory. Buffer Overflow vulnerability in FFmpeg 4.2 at filteredges function in libavfilter/vfyadif.c, which could let a remote malicious user cause a Denial of Service...

SUSE SLES12 Security Update : cairo (SUSE-SU-2025:03450-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03450-1 advisory. - CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 - CVE-2025-50422: Fix NULL pointer access in activeedgestotraps...

Security update for cairo

This update for cairo fixes the following issues: CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. bsc1122338 CVE-2025-50422: Fix NULL pointer access in activeedgestotraps leading to crash in Poppler. bsc1247589 Patch Instructions: To install this SUSE update use the SUSE recommende...

Security update for cairo

This update for cairo fixes the following issues: CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

SUSE-SU-2025:03280-1 Security update for cairo

This update for cairo fixes the following issues: - CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589...

PT-2025-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges...

SUSE-SU-2025:02843-1 Security update for cairo

This update for cairo fixes the following issues: - CVE-2025-50422: NULL pointer access in activeedgestotraps can lead to crash in Poppler bsc1247589...

MAL-2025-8952 Malicious code in @malware-test-spook-edges-corse-decoy/test-mlw3-spook-edges-corse-decoy (npm)

The package @malware-test-spook-edges-corse-decoy/test-mlw3-spook-edges-corse-decoy was found to contain malicious code...

Unlearning Inversion Attacks for Graph Neural Networks

Graph unlearning methods aim to efficiently remove the impact of sensitive data from trained GNNs without full retraining, assuming that deleted information cannot be recovered. In this work, we challenge this assumption by introducing the graph unlearning inversion attack: given only black-box...