Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL dereference on failed power-up Some time ago, the I2C HID implementation was split into an ACPI and OF part. However, the new OF driver never initializes the client pointer, which is dereferenced in case...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin is missing, ath11k will crash during the ‘rmmod ath11kpci’ command. The reason for this is that we were using mhipowerup, which does not check for any errors. However, mhisyncpowerup do...

CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

PT-2026-35496

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42238)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42238 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988826)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988826 advisory. In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod...

EUVD-2001-1119

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987313 advisory. In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod...

EUVD-2023-23599

Malicious code in bioql PyPI...

EUVD-2024-53266

Malicious code in bioql PyPI...

EUVD-2023-23593

Malicious code in bioql PyPI...

EUVD-2024-29184

Malicious code in bioql PyPI...

EUVD-2023-23598

Malicious code in bioql PyPI...

EUVD-2023-23592

Malicious code in bioql PyPI...

Malicious code in trello-power-up-tutorial-part-one (npm)

The package trello-power-up-tutorial-part-one was found to contain malicious code...

MAL-2025-37183 Malicious code in trello-power-up-tutorial-part-one (npm)

The package trello-power-up-tutorial-part-one was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2023-52645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first...

kernel: HID: i2c-hid-of: fix NULL-deref on failed power up

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but the new OF driver never initialises the client pointer which is dereferenced on power-up failures...

CVE-2023-1339

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check on the uucssupdaterule function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to...