Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013484 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misus...

ALPINE-CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

GHSA-J8CJ-HW74-64JV Hive has Double-free and Use After Free Vulnerabilities

Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001113)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001113 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002972)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002972 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

CVE-2025-68303

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punitipc: fix memory corruption This passes the address of the pointer "&punitipcdev" when the intent was to pass the pointer itself "punitipcdev" without the ampersand. This means that the:...

CODESYS Control 安全漏洞

CODESYS Control is a suite of industrial control program programming software from CODESYS, Germany. A security vulnerability exists in CODESYS Control that originates from an unauthenticated, remote attacker can cause the visualization server of the CODESYS Control runtime system to access...

EUVD-2021-27202

Malware in sbrugna...

EUVD-2020-16593

Malware in sbrugna...

EUVD-2014-9682

Malware in sbrugna...

EUVD-2017-9002

Malware in sbrugna...

EUVD-2015-9103

Malware in sbrugna...

EUVD-2025-14104

Malicious code in bioql PyPI...

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...

CVE-2021-47650

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...

CVE-2024-5991

CVE-2024-5991 describes a buffer overread in wolfSSL’s domain-name matching. The vulnerability arises when MatchDomainName() treats the input as NULL-terminated even though X509_check_host() accepts a pointer+length without requiring NULL termination, allowing a caller providing a non-NULL-termin...

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

SUSE CVE-2015-9261

huftbuild in archival/libarchive/decompressgunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file...

SUSE CVE-2016-1945

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive...

SUSE CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...