Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011229 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time,...

EUVD-2026-23850

Vvveb prior to 1.0.8.1 contains a privilege escalation vulnerability in the admin user profile save endpoint that allows authenticated users to modify privileged fields on their own profile. Attackers can inject roleid=1 into profile save requests to escalate to Super Administrator privileges,...

CVE-2026-34427 Vvveb < 1.0.8.1 Privilege Escalation via admin/user/save

Vvveb prior to 1.0.8.1 contains a privilege escalation vulnerability in the admin user profile save endpoint that allows authenticated users to modify privileged fields on their own profile. Attackers can inject roleid=1 into profile save requests to escalate to Super Administrator privileges,...

CVE-2026-34427

Vvveb versions prior to 1.0.8.1 contain a privilege escalation in the admin/user/save endpoint. An authenticated user can inject role_id=1 in profile save requests to elevate to Super Administrator, enabling plugin upload functionality and remote code execution. The fix is provided in 1.0.8.1 (se...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990240 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in sendsignalcommon The following kernel panic can be triggered when a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989759)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989759 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in sendsignalcommon The following kernel panic can be triggered when a...

EUVD-2012-5738

Malware in sbrugna...

CVE-2024-6534

creationtimestamp| type| source ---|---|--- 2024-08-15 05:56:35+00:00| seen| https://t.me/cvedetector/3224 2024-08-15 06:46:45+00:00| seen| https://t.me/cvedetector/3228...

CVE-2024-39678

creationtimestamp| type| source ---|---|--- 2024-07-18 04:15:38+00:00| seen| https://t.me/cvedetector/1134 2025-02-14 09:47:00+00:00| seen| Telegram/X-iiMcmbKZEdTOtLK9-DS5EMdqyQU0S4m4A2CR5zBlWLCAk...

CVE-2024-0039

creationtimestamp| type| source ---|---|--- 2024-03-11 18:26:35+00:00| seen| https://t.me/ctinow/204926 2024-03-11 18:26:48+00:00| seen| https://t.me/ctinow/204939 2024-05-29 22:14:33+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7455...

CVE-2023-6004

creationtimestamp| type| source ---|---|--- 2024-01-03 18:31:52+00:00| seen| https://t.me/ctinow/162523 2024-01-04 01:37:03+00:00| seen| https://t.me/cibsecurity/74334 2024-01-04 07:51:50+00:00| seen| https://t.me/ctinow/162805 2024-01-05 21:22:49+00:00| seen| https://t.me/arpsyndicate/2527...

PT-2023-35127 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.92 Description: The issue is related to the bpf in the Linux Kernel, specifically with skipping tasks with pid=1 in send signal common. The actual impact and attack plausibility have not yet been proven...

While using FAS application launch fails with error "Cannot start app <Application Name>"

Application launch fails with error "Cannot start app ", Event ID 1 and 28 are logged on Storefront servers. Event ID: 1 Description: The Federated Authentication Server at: returned a server error: 1 for method AssertIdentity...

bycms 跨站请求伪造漏洞

bycms is a simple, easy-to-use content management system. A cross-site request forgery vulnerability exists in bycms v1.3, which can be triggered by an attacker via admin.php/systems/index/moduleid/70/groupid/1.html...

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1 causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).

...

Event ID: 0 & Event ID:1 - Citrix Store cannot be created or added

Unable to create or add a store. Event ID: 0 & Event ID:1 Checking the event viewer on the Storefront server gives the following events- Also, unable to browse an existing store. "The webpage cannot be found."...

Design/Logic Flaw

Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys...

CVE-2012-5860

Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys...

CVE-2012-5860

Technical details for CVE-2012-5860 are not publicly available in the provided documents. No information on affected products, root cause, or fixes is present beyond the general description. Monitor for updates.