
73913 matches found

OSV
added 2026/04/13 8:35 a.m. | 4 views

SUSE-SU-2026:1293-1 Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues. The following security issues were fixed:
- CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1255235).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on...

CVSS 7.8 | AI score 5.8 | EPSS 0.00204
Exploits: 0 | References: 11
OSV
added 2026/04/13 6:34 a.m. | 3 views

SUSE-SU-2026:1288-1 Security update for the Linux Kernel (Live Patch 74 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.280 fixes various security issues. The following security issues were fixed:
- CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1255235).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on...

CVSS 7.8 | AI score 5.8 | EPSS 0.00204
Exploits: 0 | References: 11
Cvelist
added 2026/04/13 5:4 a.m. | 26 views

CVE-2026-21011

Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock...

CVSS 5.4 | EPSS 0.00149
Exploits: 0 | References: 1
RedHat Linux
added 2026/04/13 2:27 a.m. | 3 views

nodejs: Nodejs denial of service

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate...

CVSS 7.5 | AI score 7 | EPSS 0.01056
Exploits: 0 | References: 5
RedHat Linux
added 2026/04/13 2:21 a.m. | 6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

CVSS 7.5 | AI score 6.6 | EPSS 0.00451
Exploits: 2 | References: 8
CNNVD
added 2026/04/13 12:0 a.m. | 5 views

ImageMagick numeric error vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-189 and 6.9.13-44 contained a numerical error vulnerability. This vulnerability stemmed from the...

CVSS 5.3 | AI score 5.8 | EPSS 0.00428
Exploits: 0 | References: 5
CNNVD
added 2026/04/13 12:0 a.m. | 7 views

ytDownloader code injection vulnerability

ytDownloader is a multi-platform audio and video download tool developed by Andrew. Versions of ytDownloader 3.20.2 and earlier had a code injection vulnerability, which stemmed from a cross-site scripting attack involving the function createTextNode in the Error Details Panel component...

CVSS 5.3 | AI score 5.7 | EPSS 0.00278
Exploits: 0 | References: 4
Positive Technologies
added 2026/04/13 12:0 a.m. | 11 views

PT-2026-32487

Name of the Vulnerable Software and Affected Versions: CPython (affected versions not specified). Description: A use-after-free (UAF) issue exists in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This occurs when a memory allocation fails with a MemoryError and the decompression instanc...

CVSS 9.1 | AI score 5.7 | EPSS 0.00517
Exploits: 0 | References: 169
CNNVD
added 2026/04/13 12:0 a.m. | 7 views

ImageMagick buffer error vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained a buffer error vulnerability. This vulnerability stemmed from integer...

CVSS 5.5 | AI score 6 | EPSS 0.00148
Exploits: 0 | References: 5
CNNVD
added 2026/04/13 12:0 a.m. | 5 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a zero-division error in the rtsc_min function of the sch_hfsc module, potentially leading to a...

CVSS 5.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 6
Tenable Nessus
added 2026/04/13 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.
- Use-after-free (UAF) was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the...

CVSS 9.1 | AI score 5.9 | EPSS 0.00517
Exploits: 0 | References: 3
Tenable Nessus
added 2026/04/13 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.
- rds: ib: reject FRMR registration before IB connection is established. rds_ib_get_mr() extracts the rds_ib_connection from conn->c_transport_data and passes it to...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits: 0 | References: 2
CNNVD
added 2026/04/13 12:0 a.m. | 6 views

ImageMagick buffer error vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 contained a buffer error vulnerability. This vulnerability stemmed from improper handling of...

CVSS 6.2 | AI score 6 | EPSS 0.0018
Exploits: 0 | References: 5
CNNVD
added 2026/04/13 12:0 a.m. | 5 views

jq buffer error vulnerability

jq is a lightweight and flexible command-line JSON processor developed by jqlang. jq has a buffer error vulnerability, which stems from an out-of-bounds read in the error handling path of the jv_parse_sized function. This vulnerability may lead to memory leaks or process termination...

CVSS 6.9 | AI score 6 | EPSS 0.00314
Exploits: 1 | References: 2
Positive Technologies
added 2026/04/13 12:0 a.m. | 5 views

PT-2026-32544

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-19. Description: An off-by-one error in the MSL decoder can cause a crash when reading a malicious MSL file. Recommendations: Update to version 7.1.2-19...

CVSS 7.5 | AI score 5.8 | EPSS 0.00434
Exploits: 0 | References: 77
CNNVD
added 2026/04/13 12:0 a.m. | 6 views

ImageMagick buffer error vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained a buffer error vulnerability. This vulnerability stemmed from the sample...

CVSS 7.1 | AI score 6 | EPSS 0.00194
Exploits: 0 | References: 5
CNNVD
added 2026/04/13 12:0 a.m. | 6 views

ImageMagick buffer error vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained a buffer error vulnerability, which was caused by heap out-of-bound...

CVSS 5.5 | AI score 6 | EPSS 0.00189
Exploits: 0 | References: 5
GithubExploit
added 2026/04/12 10:57 p.m. | 159 views

nextjs-sa-dos-poc-20260413

Next.js Server Actions DoS — PoC Vulnerability: Unhandled...

CVSS 5.4 | AI score 6 | EPSS 0.002
Exploits: 1
GithubExploit
added 2026/04/12 3:44 p.m. | 144 views

Exploit for SQL Injection in Apache Superset

CVE-2026-23980 - Apache Superset Authenticated SQL Injection...

CVSS 9.8 | AI score 5.9 | EPSS 0.04433
Exploits: 2
NVD
added 2026/04/12 1:16 p.m. | 5 views

CVE-2019-25710

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database information using...

CVSS 9.1 | EPSS 0.00311
Exploits: 1 | References: 4