Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006603 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID devic...

SUSE CVE-2023-53454

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...

Crosslinked - LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping

CrossLinked simplifies the processes of searching LinkedIn to collect valid employee names when performing password spraying or another security testing against an organization. Using similar search engine scraping capabilities found in tools like subscraper and pymeta, CrossLinked will find vali...

phpcms2008sp4网站管理系统下载任意文件漏洞

comment\down.php ifpregmatch'/.php$/',$f || strpos$f, ":\" showmessage'地址有误'; //12行 只判断文件后辍 PHP，但没有考虑到在win系统中，文件名为：“xx.php ” 后面多了一个空格。也会被认为是 xx.php文件，因此，利用这个原理，当phpcms运行在win系统下，我们可以下载任意文件。 phpcms2008sp4UTF8100510 厂商补丁： PHPCMS ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

JRE/JDK sandbox breaking

By using / instead of . in class name it's possible to bypass sandbox restrictions...