Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013591 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the txlock syzbot sent a hung task report and Eric explains that...

Oracle MySQL 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by attackers to cause MySQL Server to hang without authorization or crash frequently and repeatedly full DOS...

Oracle MySQL 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by attackers to cause MySQL Server to hang without authorization or crash frequently and repeatedly full DOS...

CVE-2024-36026 drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1UNLOAD...

OESA-2024-1402 nodejs-qs security update

This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others. Security Fixes: qs before 6.10.3, as used in Express before 4.17.3 a...

CVE-2024-26696

CVE-2024-26696 (nilfs2 deadlock fix) In the Linux kernel, the nilfs2 fix addresses a hang in nilfs_lookup_dirty_data_buffers() triggered by a deadlock between log writer and writeback during mbind/migrate_pages_batch. The root cause was a conditional wait in nilfs_page_mkwrite() that could allow ...

golang: net/http: handle server errors after sending GOAWAY

A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown...

kernel: KVM: x86/mmu: make apf token non-zero to fix bug

A hang vulnerability is possible in the Linux kernel in arch/x86/kvm/mmu/mmu.c. This issue may lead to compromised availability...

kernel: KVM: x86/mmu: make apf token non-zero to fix bug

A hang vulnerability is possible in the Linux kernel in arch/x86/kvm/mmu/mmu.c. This issue may lead to compromised availability...

kernel: KVM: x86/mmu: make apf token non-zero to fix bug

A hang vulnerability is possible in the Linux kernel in arch/x86/kvm/mmu/mmu.c. This issue may lead to compromised availability...

kernel: KVM: x86/mmu: make apf token non-zero to fix bug

A hang vulnerability is possible in the Linux kernel in arch/x86/kvm/mmu/mmu.c. This issue may lead to compromised availability...

Denial of Service

Description R2 will hang for several crafted binaries. Proof of Concept bash printf "%s" "AAA4AAAAAB4=" | base64 -d /tmp/a printf "%s" "z/rt/gwAAAEuAAB//wAAAACe2QEaAAAG+s8yAOH/AQAAAA==" | base64 -d /tmp/a printf "%s"...

Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware and Oracle WebLogic Server are both products of Oracle Corporation.Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, etc. Oracle WebLogic Serve...

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

CVE-2018-15607

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote...

CVE-2018-7976

There is a stored cross-site scripting XSS vulnerability in Huawei eSpace Desktop V300R001C00 and V300R001C50 version. Due to the insufficient validation of the input, an authenticated, remote attacker could exploit this vulnerability to send abnormal messages to the system and perform a XSS...

Mozilla: Hang via malformed headers

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

CVE-2018-10799

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element...

Netwide Assembler Infinite While Loop Vulnerability

Netwide Assembler NASM is a portable, modular 80x86 and x86-64 assembler. An infinite while loop vulnerability exists in the assemblefile function of asm/nasm.c in Netwide Assembler NASM 2.14rc0. The vulnerability arises due to a globallineno integer overflow. An attacker can exploit this...

CVE-2015-9218

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and...