Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992256)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992256 advisory. In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlpciinitafu|adapter If deviceregister fails in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992500 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpgagateinit Free @socfpgaclk and @ops on the error path to...

PT-2025-53990

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the realtime counter init function within the ARM OMAP2+ architecture of the Linux kernel. The “sys clk” resource is allocated using clk get but is not released...

PT-2025-54114

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the lontium-lt9611 driver where a NULL pointer dereference can occur within the lt9611 connector init function. Specifically, the code dereferences th...

CVE-2025-15144

A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function drshowerror/drexitmsg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...

CVE-2025-15144

A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function drshowerror/drexitmsg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...

CVE-2025-15144 dayrui XunRuiCMS JSONP Callback Init.php dr_exit_msg cross site scripting

A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function drshowerror/drexitmsg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...

CVE-2025-15144

Summary: CVE-2025-15144 affects dayrui XunRuiCMS (up to 4.7.1) in the JSONP Callback Handler. The vulnerability stems from manipulation of the callback argument in the function dr_show_error/dr_exit_msg within /dayrui/Fcms/Init.php, enabling cross-site scripting. Exploitation can be performed rem...

CVE-2025-15144 dayrui XunRuiCMS JSONP Callback Init.php dr_exit_msg cross site scripting

A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function drshowerror/drexitmsg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handler. This manipulation of the argument callback causes cross site scripting. The attack can be initiated...

PT-2025-53660

Name of the Vulnerable Software and Affected Versions dayrui XunRuiCMS versions up to 4.7.1 Description A flaw exists in dayrui XunRuiCMS that allows for cross site scripting. The issue is located in the JSONP Callback Handler component, specifically within the dr show error/dr exit msg function ...

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

SUSE-SU-2025:4525-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132...

Linux Distros Unpatched Vulnerability : CVE-2022-50758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. I...

Linux Distros Unpatched Vulnerability : CVE-2023-54017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname...

Linux Distros Unpatched Vulnerability : CVE-2023-54005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix memory leak in binderinit In binderinit, the destruction of binderallocshrinkerinit is not performed in the wrong path, which will cause memory leak...

Linux Distros Unpatched Vulnerability : CVE-2022-50727

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory f...

CVE-2023-54001

In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit...

CVE-2022-50702

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, but the refcount of kobject is not decreased to 0, the name...

CVE-2023-54017

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname called in deviceadd is leaked. As comment of deviceadd says, it shoul...

SUSE CVE-2022-50727

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...