
82 matches found

Cvelist
added 2026/05/04 4:45 a.m. · 36 views

CVE-2026-7733 funadmin Frontend Chunked Upload Endpoint UploadService.php chunkUpload unrestricted upload

A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend Chunked Upload Endpoint. This manipulation of the argument File causes unrestricted upload. The attack is possible to ...

CVSS 7.5 · EPSS 0.00294
Exploits: 0 · References: 6

Tenable Nessus
added 2026/04/28 12:0 a.m. · 5 views

Fedora 44 : roundcubemail (2026-6d293b6889)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6d293b6889 advisory. Version 1.7-rc6 This is hopefully the last release candidate for the next major version 1.7 of Roundcube Webmail. It provides a fix to recently...

CVSS 8.2 · AI score 5.6 · EPSS 0.00402
Exploits: 0 · References: 9

Tenable Nessus
added 2026/04/21 12:0 a.m. · 7 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010719 advisory. An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdu...

CVSS 5.5 · AI score 6.7 · EPSS 0.00214
Exploits: 0 · References: 3

UbuntuCve
added 2026/03/19 9:17 p.m. · 4 views

CVE-2026-30836

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

CVSS 10 · AI score 6.2 · EPSS 0.00296
Exploits: 0 · References: 4

OSV
added 2026/03/19 9:17 p.m. · 3 views

UBUNTU-CVE-2026-30836

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

CVSS 10 · AI score 5.7 · EPSS 0.00296
Exploits: 0 · References: 5

OSV
added 2026/03/19 8:37 p.m. · 9 views

CVE-2026-30836 Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

CVSS 10 · AI score 6.2 · EPSS 0.00296
Exploits: 0 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-6047

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.01349
Exploits: 1 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-1940

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.01338
Exploits: 1 · References: 2

Positive Technologies
added 2025/08/19 12:0 a.m. · 6 views

PT-2025-33787

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc6-01246-gf7f52738637f Description: A null-pointer dereference issue was identified in the neigh flush dev function within the Linux kernel. This occurred due to a missing check when using the per-netdev...

CVSS 8.5 · AI score 6.2 · EPSS 0.07142
Exploits: 3 · References: 530

Tenable Nessus
added 2025/08/11 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-3115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc and...

CVSS 5.5 · AI score 6.8 · EPSS 0.00217
Exploits: 0 · References: 2

Positive Technologies
added 2024/05/13 12:0 a.m. · 5 views

PT-2024-28075

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.9.0-rc6 Description: The issue arises from the reinitialization of the whole EST structure, which resets the mutex lock embedded in the EST structure and triggers a warning. To address this, the lock is moved to...

CVSS 5.5 · AI score 5.4 · EPSS 0.0021
Exploits: 0

Positive Technologies
added 2024/05/07 12:0 a.m. · 8 views

PT-2024-28063

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.9.0-rc6+ Description: A vulnerability in the Linux kernel has been resolved, specifically in the bnxt re module. The issue is related to undefined behavior when the bnxt qplib alloc init hwq function is called...

CVSS 4.4 · AI score 5.4 · EPSS 0.00249
Exploits: 0

Positive Technologies
added 2024/03/09 12:0 a.m. · 4 views

PT-2024-4107

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc6+ Description: The vulnerability is related to the SUNRPC module in the Linux kernel, specifically with the TCP TLS functionality. A missing rpc stat for TCP TLS can cause a kernel NULL pointer dereferenc...

CVSS 6.8 · AI score 6.4
Exploits: 0

Positive Technologies
added 2024/02/28 12:0 a.m. · 6 views

PT-2024-21630

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc6+ Description: The vulnerability is related to the nouveau driver in the Linux kernel. It appears that the client object tree has no locking, which can cause races around adding or removing client objects...

CVSS 7.5 · AI score 5.5 · EPSS 0.00172
Exploits: 0

Positive Technologies
added 2024/01/24 12:0 a.m. · 4 views

PT-2024-7110 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc6+ Description: The vulnerability is related to the net/mlx5e component in the Linux kernel. It is caused by a NULL pointer dereference when trying to remove a flow peer list head of a peer index that wa...

CVSS 7.8 · AI score 6.7 · EPSS 0.78388
Exploits: 2 · References: 468

Positive Technologies
added 2023/08/22 12:0 a.m. · 9 views

PT-2025-53157

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5.0-rc6-kts+ Description: The Linux kernel contains a flaw within the btrfs zoned mode related to handling pre-allocated writes during relocation. Specifically, the issue arises when a checksum is unavailable fo...

CVSS 4.3 · AI score 6.5 · EPSS 0.0018
Exploits: 0

F5 Networks
added 2023/02/21 6:34 p.m. · 53 views

K32805465: Linux kernel Vulnerability CVE-2021-3483

Security Advisory Description: A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality,...

CVSS 7.8 · AI score 6.2 · EPSS 0.00361
Exploits: 0

SUSE CVE
added 2023/02/15 6:3 a.m. · 3 views

SUSE CVE-2009-2846

The eisa_eeprom_read function in the parisc isa-eeprom component drivers/parisc/eisa_eeprom.c in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read ...

CVSS 7.8 · AI score 6.3 · EPSS 0.08156
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:59 a.m. · 5 views

SUSE CVE-2016-6162

net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service panic or possibly have unspecified other impact via certain IPv6 socket operations...

CVSS 7.8 · AI score 6.9 · EPSS 0.0034
Exploits: 0 · References: 4

NVD
added 2022/12/14 9:15 p.m. · 15 views

CVE-2022-3112

An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc and will cause the null pointer dereference...

CVSS 5.5 · EPSS 0.00214
Exploits: 0 · References: 2