Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002184 advisory. The dgramrecvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structu...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001630 advisory. The vmwgbsurfacedefineioctl function accessible via DRMIOCTLVMWGBSURFACECREATE in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.11.4 defines a...

SUSE CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2020-1621 Junos OS Evolved: Configd leaks hashes via stream and is world readable

A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1...

php: wddx_deserialize() heap out-of-bound read via php_parse_date()

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelibmeridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parsedate.c out-of-bounds reads affecting the...

OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)

An information leak flaw was found in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

Mozilla / Firefox / Netscape javascript information leak

It's possible to access random heap content with string replacement functions...