Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002760 advisory. arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the BP and OF exceptions, which allows guest OS users to cause a denial of service guest OS crash by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002130)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002130 advisory. The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003536 advisory. A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all...

GO-2026-4285 Bypassing Kyverno Policies via Double Policy Exceptions in github.com/kyverno/kyverno

Bypassing Kyverno Policies via Double Policy Exceptions in github.com/kyverno/kyverno...

CVE-2021-22415

There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code...

CVE-2021-22351

There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions...

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...

CVE-2022-35996

TensorFlow is an open source platform for machine learning. If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue ...

CVE-2021-2271

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite component: Resource Exceptions. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Work ...

Unity Linux 20.1070e Security Update: tigervnc (UTSA-2026-000530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000530 advisory. In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities...

Bypassing Kyverno Policies via Double Policy Exceptions

Summary If a cluster has a Kyverno policy in enforce mode and there are two exceptions, this allows the policy to be bypassed, even if the first exception is more restrictive than the second. Details The following policy was applied: yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata:...

EUVD-2026-1035

Bypassing Kyverno Policies via Double Policy Exceptions...

GHSA-GG4X-FGG2-H9W9 Bypassing Kyverno Policies via Double Policy Exceptions

Summary If a cluster has a Kyverno policy in enforce mode and there are two exceptions, this allows the policy to be bypassed, even if the first exception is more restrictive than the second. Details The following policy was applied: yaml apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from rtbindexception may bind outdated routing exceptions that could lead to a memory leak...

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVE-2025-58408 GPU DDK - KASAN Read UAF in the PVRSRVBridgeRGXSubmitTransfer2 due to improper error handling code

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

PT-2025-48439

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVE-2025-13596

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

CVE-2025-13596 Improper Error Handling Leading to Sensitive Information Disclosure in CIGES ≤ 2.15.6

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...

PT-2025-47890

A sensitive information disclosure vulnerability exists in the error handling component of ATISoluciones CIGES Application version 2.15.6 and earlier. When certain unexpected conditions trigger unhandled exceptions, the application returns detailed error messages and stack traces to the client...