SUSE CVE-2026-45968

In the Linux kernel, the following vulnerability has been resolved: cpuidle: Skip governor when only one idle state is available On certain platforms PowerNV systems without a power-mgt DT node, cpuidle may register only a single idle state. In cases where that single state is a polling state sta...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads, it is possible to reach the critical hardware shutdown...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed a deadlock in DMA buffer fence polling. A new version of the fence operations was introduced. Upon release, this version does not remove fences from the pending list, thereby eliminating the need for a lock t...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeonep: Added handling of SKB allocation failures in octepoqprocessrx. The buildskb function returns NULL in case of a memory allocation failure. Therefore, this behavior should be handled within octepoqprocessrx to avoid NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed the destruction of kthread workers in polling mode. The cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreadDestroyWorker before...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021652)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021652 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on...

Linux Distros Unpatched Vulnerability : CVE-2026-43293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and...

CVE-2025-40904

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

CVE-2025-40904 HTML injection in Smart Polling in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

EUVD-2025-209895

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

CVE-2025-40904

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

CVE-2025-40904

The CVE-2025-40904 issue is a Stored HTML Injection in the Smart Polling feature. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags via sync; when a victim opens the affected remote strategy, injected HTML can render in their browser and enabl...

CVE-2025-40904 HTML injection in Smart Polling in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞

Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have cross-site...

HTML injection in Smart Polling in Guardian/CMC before 26.1.0

Summary A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. Impact An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views th...

PT-2026-41891

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

SUSE CVE-2026-43293

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39362005 CVE-2026-23270 - KVM: x86: disable preemption around the call to...

SUSE CVE-2025-38093

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads it is possible to reach the critical hardware shutdown...