Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002502 advisory. An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out of bounds write in the function ad5755parsedt. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002577 advisory. The cdcparsecdcheader function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service out-of-bounds read and...

CVE-2025-70303

A heap overflow in the uncvparseconfig function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

EUVD-2026-2719

A heap overflow in the aviparseinputfile function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted AVI file...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002244 advisory. Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denia...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC has a stack buffer overflow vulnerability that originates from the uncvparseconfig function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002696 advisory. The usbhidparse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service out-of-bounds read and...

CVE-2025-70298

GPAC (open-source multimedia framework): CVE-2025-70298 affects GPAC v2.4.0, via an out-of-bounds read in oggdmx_parse_tags. The root cause is inadequate validation of input data length, enabling an attacker to trigger a denial of service. The vulnerability is documented across multiple sources (...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002962 advisory. The imspcuparsecdcdata function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002216)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002216 advisory. The parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service unkillable mount proce...

CVE-2025-70303

A heap overflow in the uncvparseconfig function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

CVE-2025-70299

A heap overflow in the aviparseinputfile function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted AVI file...

CVE-2025-70303

CVE-2025-70303 concerns GPAC v2.4.0, where the uncv_parse_config() function is vulnerable to a heap overflow (CNVD and Red Hat listings corroborate as a DoS risk). Exploitation involves processing a crafted MP4 file, leading to denial of service. Connected sources consistently describe a DoS outc...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003213 advisory. The imspcuparsecdcdata function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...

GHSA-73RR-HH4G-FPGX jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

Impact Attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory. Applications are therefore...

Reflected Cross-Site Scripting (XSS)

Parse Server is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-controlled values in password reset and email verification HTML pages, which allows an attacker to inject and execute malicious scripts in a victim’s browser...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001648 advisory. The parsehidreportdescriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service out-of-bounds...

CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

Astra Linux - уязвимость в firebird3.0

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...