KLA91012 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in media can be exploited remotely to execute...

KLA90963 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004396 advisory. A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices coul...

Google Chrome < 4.1.0.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 4.1.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

Linux Distros Unpatched Vulnerability : CVE-2016-2384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in the sndusbmidicreate function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a...

CVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

CVE-2022-49545

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is being released. For...

EUVD-2020-20288

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

USN-3847-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp vulnerabilities

USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux...

WildMIDI Denial of Service Vulnerability

WildMIDI is a free and open source software synthesizer that converts MIDI note data into an audio signal using GUS sound patches without the need for a GUS patch compatible sound card. A denial of service vulnerability exists in the WMSetupMidiEvent function in internalmidi.c:2122 in WildMIDI,...

DEBIAN-CVE-2017-11664

The WMSetupMidiEvent function in internalmidi.c:2122 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid file...