6960 matches found
CVE-2025-70303
A heap overflow in the uncv_parse_config function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003213)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003213 advisory. The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002502 advisory. An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kernel before 4.8.6. There is an out-of-bounds write in the function ad5755_parse_dt. Tenable has...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002696)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002696 advisory. The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002244 advisory. Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denia...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002216)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002216 advisory. The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount proce...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002577 advisory. The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002962)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002962 advisory. The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...
GHSA-73RR-HH4G-FPGX jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch
Impact: Attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory. Applications are therefore...
Reflected Cross-Site Scripting (XSS)
Parse Server is vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability is due to improper escaping of user-controlled values in password reset and email verification HTML pages, which allows an attacker to inject and execute malicious scripts in a victim’s browser...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001648)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001648 advisory. The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (out-of-bounds...
CVE-2025-71096
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly. The netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a LS_NLA_TYPE_DGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...
CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly. The netlink response for RDMA_NL_LS_OP_IP_RESOLVE should always have a LS_NLA_TYPE_DGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...
Astra Linux – Vulnerability in Firebird 3.0
Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there was a NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw existed in the parsing of xdr messages from clients. It led to a NULL pointer dereference and denial-of-service...
Astra Linux – Vulnerability in libsoup3, libsoup2.4
A flaw was discovered in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list function when parsing a quality list that contains elements with all zeros...
Astra Linux – Vulnerability in gst-plugins-base1.0
In GStreamer through 1.26.1, the subparse plugin’s parse_subrip_time function may write data beyond the bounds of a stack buffer, resulting in a crash...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak in the smb3_fs_context_parse_param error path has been fixed. Proper cleanup of ctx->source and fc->source was added to the cifs_parse_mount_err error handler. This ensures that the memory allocated for the source...
Security Bulletin: Vulnerability in protobuf-c affects IBM Netezza Appliance
Summary: The protobuf-c package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE (CVE-2022-48468). Vulnerability Details: CVEID: CVE-2022-48468. DESCRIPTION: protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. CWE: CWE-190: Integer...
PT-2026-2617
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the RDMA/core component related to the handling of netlink responses for RDMA_NL_LS_OP_IP_RESOLVE queries. Specifically, the code does not correct...
MiracleLinux 7 : php-5.4.16-48.0.7.el7.AXS7 (AXSA:2025-10750:06)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10750:06 advisory. CVE-2025-1220: error if host contains null bytes in the middle of the string. CVEs: CVE-2025-1220. In PHP versions 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3...