Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...

SUSE CVE-2025-66286

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVE-2025-66286

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVE-2025-66286

Technical details about CVE-2025-66286 are not publicly available in the provided documents. Monitor for updates from Red Hat, WebKitGTK, and WPE WebKit for affected products, versions, impact, and fixes.

CVE-2025-66286 Webkitgtk: authorization bypass through webpage::send-request signal handler

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVE-2025-66286 Webkitgtk: authorization bypass through webpage::send-request signal handler

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVE-2025-66286

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

WebKitGTK 安全漏洞

WebKitGTK is a full-featured version of theWebKit rendering engine developed by WebKitGTK company. It is suitable for projects that require any type of web integration, including mixed HTML/CSS applications in mature web browsers. It offers all the features of WebKit and is suitable for various...

PT-2026-34659

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVE-2026-22997

The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...

CVE-2003-1512

Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service crash via a long DCC SEND request...

CVE-2020-24397

An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM...

EUVD-2003-1502

Malware in sbrugna...

EUVD-2009-2652

Malware in sbrugna...

EUVD-2003-1125

Malware in sbrugna...

NVIDIA Triton Inference Server 缓冲区错误漏洞

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server suffers from a security vulnerability that stems from a send request that could result in an out-of-bounds...

CVE-2003-1135

Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service crash via a file send request sendfile with a large number of "%" percent characters after the Yahoo ID...

ksmbd: fix type confusion via race condition when using ipc_msg_send_request

...

AZL-59760 CVE-2025-21947 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

AZL-55196 CVE-2024-56688 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...