uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. There is a security vulnerability in uutils coreutils, which stems from defects in the ChownExecutor used for chown and chgrp operations. This causes the utility to return an incorrect exit code during...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of migration and recovery errors in the drm/xe/pf modules. This vulnerability...

SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2026:1509-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1509-1 advisory. Update to version 22.22.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...

PT-2026-34272

Name of the Vulnerable Software and Affected Versions HTTP Headers plugin for WordPress versions prior to 1.19.3 Description Insufficient sanitization of custom header name and value fields before they are written to the Apache .htaccess file via the insert with markers function allows...

PT-2026-34476

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

Linux Distros Unpatched Vulnerability : CVE-2026-33598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from a lack of operator boundary validation, which could lead to out-of-bounds code...

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. uutils coreutils has a security vulnerability, which stems from an incorrect calculation of the groups= part in the output. This vulnerability may allow unauthorized access or lead to security...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper conditional checks in the mgmtaddadvpatternsmonitorcomplete function. This leads to the...

PT-2026-34400

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ctnetlink component where manual range and mask validations are used instead of netlink policy annotations. This can lead to undefined behavior when the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013778)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013778 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013434 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: always panic when errors=panic is specified Before commit 014c9caa29d3 ext4: make ext4abort...

Linux Distros Unpatched Vulnerability : CVE-2026-35344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While...

Linux Distros Unpatched Vulnerability : CVE-2026-35378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the...

CVE-2026-40343

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-40343

CVE-2026-40343 concerns free5GC UDR (user data repository) in versions up to and including 1.4.2. The issue is a fail‑open handling flaw in the POST handler for /nudr-dr/v2/policy-data/subs-to-notify: after errors reading the request body or deserializing input, the handler does not terminate and...

CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-5512

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...

CVE-2026-6783

Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6776 Incorrect boundary conditions in the WebRTC: Networking component

Incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...