EUVD-2026-27231

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6180

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6180

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6180 PaperCut MF: Card truncation on HP readers

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6180

PaperCut MF/NG suffers a race condition in processing badge-swipe data from certain HP devices, under dropped/out-of-order packet conditions. The issue can cause a truncated badge ID to be registered, and in environments with custom badge-ID post-processing scripts, the truncated value may map to...

ROS-20260505-73-0062

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

PT-2026-36982

Name of the Vulnerable Software and Affected Versions PaperCut MF affected versions not specified Description A race condition occurs when processing badge-swipe data from specific HP multifunction devices. Under certain network conditions involving dropped packets and out-of-order sequence...

Astra Linux - уязвимость в edk2

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed the issue where kexec caused a crash when executing scv instructions. kexec on pseries disables AIL reloconexc, which is required for supporting scv instructions. This happens before other CPUs have been sh...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a race condition in sndseqtimeropen. The timer instance per queue is exclusive, and sndseqtimeropen should handle concurrent accesses properly. It seems that the function checks for an already existing timer...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: The variable sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed a resource leak in lpfcsli4sendseqtoulp. If no handler is found in lpfccompleteunsoliocb that matches the rctl of a received frame, the frame is discarded, and resources may be leaked. This issue was fixed by...

OESA-2026-2164 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

OESA-2026-2163 opencryptoki security update

openCryptoki is an implementation of the PKCS 11 API that allows interfacing to devices that hold cryptographic information and perform cryptographic functions. openCryptoki provides application portability by isolating the application from the details of the cryptographic device. Isolating the...

CVE-2026-43033

A flaw was found in the Linux kernel's authencesn cryptographic module. When performing out-of-place decryption where source and destination data buffers are different, the system incorrectly handles high-order sequence bits. This leads to improper data rearrangement before hashing, which could...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

CVE-2026-43042

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

CVE-2026-43033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place src != dst, there is no need to save the high-order sequence bits in dst as it could simply be re-copied...

CVE-2026-43042

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...