Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002304)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002304 advisory. The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to...
EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2026-1097)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002154)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002154 advisory. The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002031)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002031 advisory. The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to...
EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2026-1077)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...
New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim
Meet OPCOPRO, an online scam that builds a fake AI-run world like The Truman Show using WhatsApp and apps to steal IDs via fake KYC and investments...
CVE-2023-50437
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...
CVE-2022-33140
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...
CVE-2022-31096
Discourse is an open source discussion platform. Under certain conditions, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite h...
CVE-1999-0603
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc...
CVE-2019-7869
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage customer groups...
CVE-2024-2915
Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an attacker with access to the PAM JIT elevation feature to elevate themselves to unauthorized groups via a specially crafted request...
CVE-2024-2232
The lacks CSRF checks allowing a user to invite any user to any group including private groups...
CVE-2024-2040
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack...
EUVD-2026-1047
AIOHTTP has unicode match groups in regexes for ASCII protocol elements...
PT-2026-25314
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 3.5 and 3.6; OpenSSL versions prior to 3.4; OpenSSL versions prior to 3.3; OpenSSL versions prior to 3.0; OpenSSL versions prior to 1.0.2; OpenSSL versions prior to 1.1.1. Description: An issue exists in OpenSSL TLS 1.3 servers where...
PT-2025-53973
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach. In [0], we added the ability to bpf_prog_attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF_LSM_CGROUP, we return too earl...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992274 advisory. In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source. The propagate_mnt function handles mount propagation when...
Linux Distros Unpatched Vulnerability : CVE-2023-54111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups. of_find_node_by_phandle returns a node pointer with refcount incremented; we should use of_node_put...
SUSE CVE-2023-54041
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memory leak when removing provided buffers. When removing provided buffers, io_buffer structs are not being disposed of, leading to a memory leak. They can't be freed individually, because they are allocated in...