CVE-2026-31595

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

CLSA-2026-1775831524 Fix of 8 CVEs

CVE-2024-56640 - net/smc: fix LGR and link use-after-free issue CVE-2024-56640 CVE-2026-23209 - macvlan: fix error recovery in macvlancommonnewlink CVE-2026-23209 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount CVE-2026-23193 CVE-2026-23204 - net/sched:...

SUSE CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

CVE-2024-41668

The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...

EUVD-2025-2659

Malicious code in bioql PyPI...

PT-2025-22126 · Koibox · Koibox

Name of the Vulnerable Software and Affected Versions: Koibox versions prior to e8cbce2 Description: A Stored Cross-Site Scripting XSS issue has been found, allowing an authenticated attacker to upload an image containing malicious JavaScript code as a profile picture in the...

CVE-2022-49115

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak...

CVE-2022-49115 PCI: endpoint: Fix misused goto label

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak...

UBUNTU-CVE-2024-56561

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pciepcdestroy pciepcdestroy invokes pcibusreleasedomainnr to release the PCI domain ID, but there are two issues: - 'epc-dev' is passed to pcibusreleasedomainnr which was already freed ...

SUSE-SU-2018:2576-1 Security update for OpenStack

This update for OpenStack fixes the following issues: The following security issue with openstack-keystone has been fixed: - CVE-2018-14432: Reduce duplication in federated authentication APIs. bsc1102151 Additionally, the following non-security issues have been fixed: openstack-dashboard: - Fetc...