Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991142 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading superblock Fuzzers like to scribble over sbbsizeshift but ...

CVE-2021-47719

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2020-36888 SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration via Login Script

SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login script that allows attackers to identify valid user accounts. Attackers can send crafted login requests with different usernames to distinguish between existing and non-existing accounts by analyzing...

net: stmmac: Correctly handle Rx checksum offload errors

...

CVE-2025-40251

No description is available for this CVE. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability...

CVE-2025-42896

SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause the server to fetch attacker-supplied URLs, resulting in low impact to confidentiality and integrit...

CVE-2023-53849

A workqueue resource leak was found in the MSM DRM driver in the Linux kernel. When a subcomponent fails to bind during driver initialization, the allocated workqueue is not destroyed, leading to resource leakage. Repeated bind failures could exhaust system resources...

kernel: iomap: iomap: fix memory corruption when recording errors during writeback

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

SUSE CVE-2023-53849

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind e.g. a subcomponent failing to bind. Since commit c3b790ea07a1 "drm: Manage drmmodeconfiginit with drmm" the...

PT-2026-3244

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.x through 10.11.8 Mattermost versions 11.1.x through 11.1.1 Mattermost versions 11.0.x through 11.0.6 Description The software contains a flaw that does not prevent infinite re-renders when API errors occur...

PT-2025-50512

SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login script that allows attackers to identify valid user accounts. Attackers can send crafted login requests with different usernames to distinguish between existing and non-existing accounts by analyzing...

EUVD-2025-202325

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...

EUVD-2021-34726

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2025-13743

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...

CVE-2021-47719 CNC_Ctrl DllUnregisterServer f5501 Access Violation

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2021-47719 CNC_Ctrl DllUnregisterServer f5501 Access Violation

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2025-13743 Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred...

EUVD-2023-60147

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind e.g. a subcomponent failing to bind. Since commit c3b790ea07a1 "drm: Manage drmmodeconfiginit with drmm" the...

CVE-2025-14322

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVE-2023-53849

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind e.g. a subcomponent failing to bind. Since commit c3b790ea07a1 "drm: Manage drmmodeconfiginit with drmm" the...