EUVD-2026-24607

Vulnerability in Spring Spring Security. If an application is using the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, o...

PT-2026-34250

Vulnerability in Spring Spring Security. If an application is using the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, o...

CVE-2023-54167 m68k: mm: Move initrd phys_to_virt handling after paging_init()

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

SUSE CVE-2023-53206

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fix NULL pointer dereference Pass i2cclient to pmbusisenabled to drop the assumption that a regulator device is passed in. This will fix the issue of a NULL pointer dereference when called from pmbusgetflags...