Lucene search

18797 matches found

Positive Technologies
added 2026/01/01 12:00 a.m., 1 view

PT-2026-21476

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: A flaw exists in GIMP related to integer overflow when processing ICO image files. The issue is present in the ico_read_info and ico_read_icon functions, where a size calculation for image buffe...

CVSS 4.3, AI score 7.5, EPSS 0.00059
Exploits 3, References 17
Positive Technologies
added 2026/01/01 12:00 a.m., 5 views

PT-2026-27751

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue in the gve module related to incorrect buffer cleanup within the gve_tx_clean_pending_packets function when operating in DQ-QPL mode. This occurs becau...

AI score 5.9, EPSS 0.00025
Exploits 0, References 209
Positive Technologies
added 2026/01/01 12:00 a.m., 5 views

PT-2026-6748

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 20.7-cert9; Asterisk versions prior to 20.18.2; Asterisk versions prior to 21.12.1; Asterisk versions prior to 22.8.2; Asterisk versions prior to 23.2.2. Description: The ast_xml_open function in Asterisk’s xml.c component...

CVSS 2, AI score 5.5, EPSS 0.00074
Exploits 0, References 7
Positive Technologies
added 2026/01/01 12:00 a.m., 2 views

PT-2026-3019

Name of the Vulnerable Software and Affected Versions: libxml2 (affected versions not specified). Description: An issue exists in the libxml2 library related to uncontrolled resource consumption. The problem occurs when processing XML catalogs containing repeated elements that point to the same...

CVSS 6.2, AI score 5.8, EPSS 0.00099
Exploits 0, References 41
Positive Technologies
added 2026/01/01 12:00 a.m., 4 views

PT-2026-25310

Name of the Vulnerable Software and Affected Versions: libarchive (affected versions not specified). Description: A flaw exists in the RAR5 archive decompression logic within the archive read data processing path of the libarchive library. Processing a specially crafted RAR5 archive can cause the...

CVSS 7.5, AI score 6.3, EPSS 0.00037
Exploits 0, References 67
Positive Technologies
added 2026/01/01 12:00 a.m., 1 view

PT-2026-26583

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue within the netfilter subsystem related to nf_tables. During transaction processing, multiple catchall elements may exist, including one active and one...

CVSS 7.8, AI score 5.8, EPSS 0.00765
Exploits 1, References 271
Positive Technologies
added 2026/01/01 12:00 a.m., 3 views

PT-2026-29037

Name of the Vulnerable Software and Affected Versions: Node.js (affected versions not specified). Description: A flaw in Node.js URL processing can lead to an assertion failure in native code when the url.format function is invoked with a malformed internationalized domain name (IDN) containing invalid...

CVSS 7.5, AI score 6.7, EPSS 0.00098
Exploits 0, References 43
F5 Networks
added 2025/12/31 6:25 a.m., 7 views

K000158954: Apache Struts vulnerability CVE-2025-64775

Security Advisory Description: Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which...

CVSS 7.5, AI score 6.9, EPSS 0.00171
Exploits 0
SUSE CVE
added 2025/12/31 12:32 a.m., 6 views

SUSE CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition. During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVSS 5.5, AI score 6.6, EPSS 0.00039
Exploits 0, References 4
EUVD
added 2025/12/31 12:31 a.m., 3 views

EUVD-2022-55929

SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by providing a specially crafted WAV file that causes arithmetic errors during sound file processing...

CVSS 7.5, AI score 6.4, EPSS 0.00039
Exploits 1, References 6
Tenable Nessus
added 2025/12/31 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by...

AI score 5.6, EPSS 0.00039
Exploits 1, References 2
Tenable Nessus
added 2025/12/31 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hsr: avoid possible NULL deref in skb_clone(). syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_frame(). When/if create_stripped_skb_hsr() returns...

AI score 6.1, EPSS 0.00028
Exploits 0, References 3
Tenable Nessus
added 2025/12/31 12:00 a.m., 3 views

Unity Linux 20.1070e Security Update: libvirt (UTSA-2025-993323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993323 advisory. A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicio...

CVSS 5.5, AI score 5.5, EPSS 0.00109
Exploits 0, References 4
CNNVD
added 2025/12/31 12:00 a.m., 2 views

PocketMine-MP security vulnerability

PocketMine-MP is a game server software from PMMP Open Source. A security vulnerability exists in PocketMine-MP versions prior to 4.18.1, which stems from improper input validation in inventory transaction processing, and could lead to a remote attacker triggering a server crash and resulting in ...

CVSS 7.1, AI score 5.8, EPSS 0.00287
Exploits 0, References 4
Tenable Nessus
added 2025/12/31 12:00 a.m., 1 view

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992755 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound. Raw packet from PF_PACKET socket ontop of an...

CVSS 5.5, AI score 5.9, EPSS 0.0001
Exploits 0, References 4
OSV
added 2025/12/30 11:15 p.m., 1 view

UBUNTU-CVE-2022-50798

SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by providing a specially crafted WAV file that causes arithmetic errors during sound file processing...

CVSS 7.5, AI score 5.8, EPSS 0.00039
Exploits 1, References 7
Snyk
added 2025/12/30 11:08 p.m., 3 views

Uncontrolled Recursion

Overview: Magick.NET-Q16-x86 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.2, AI score 6.8, EPSS 0.00009
Exploits 0, References 2
Snyk
added 2025/12/30 11:08 p.m., 1 view

Uncontrolled Recursion

Overview: Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

CVSS 6.2, AI score 6.8, EPSS 0.00009
Exploits 0, References 2
CVE
added 2025/12/30 10:41 p.m., 8 views

CVE-2022-50798

CVE-2022-50798 is associated with SoX 14.4.2 and is described in multiple advisories as a division-by-zero fault when processing WAV files, potentially causing program crashes. Connected docs indicate the vulnerability affects SoX 14.4.2 and provide remediation guidance via package updates (e.g.,...

AI score 6.5, EPSS 0.00039
Exploits 1
Debian CVE
added 2025/12/30 10:41 p.m., 4 views

CVE-2022-50798

Removed by vendor...

AI score 5.6, EPSS 0.00039
Exploits 1