CVE-2023-54166 igc: Fix Kernel Panic during ndo_tx_timeout callback

In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...

PT-2025-53995

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the igc driver that could lead to a kernel panic during an ndo tx timeout callback. This issue was discovered during loaded tests with various hardwa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992493 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb-ssequence check Journal emptiness is not determined by sb-ssequence == 0 bu...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992414)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992414 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992573)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992573 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet...

AZL-73234 CVE-2025-14180 affecting package php for versions less than 8.1.34-1

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

EUVD-2025-205486

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

CVE-2025-68749

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

CVE-2023-54100 scsi: qedi: Fix use after free bug in qedi_remove()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2025-68749 accel/ivpu: Fix race condition when unbinding BOs

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper cleanup sequence that could lead to reuse after release...

FreyrSCADA Embedded Solution IEC 60870-5-104 Protocol 缓冲区错误漏洞

FreyrSCADA Embedded Solution IEC 60870-5-104 Protocol is a server emulator from FreyrSCADA Embedded Solution, Inc. A buffer error vulnerability exists in FreyrSCADA Embedded Solution IEC 60870-5-104 Protocol version v21.06.008, which stems from improper handling of a specific message sequence and...

EUVD-2025-204748

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The importUsers function in SysUserController.java does not perform a permission check on the current user's identity, which may allow regular users to import user data into the database, resulting in an authorization bypass...

EUVD-2025-204750

PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...

CVE-2025-68381

Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...

OESA-2025-2853 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid out-of-bounds access The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. Add a...

CVE-2025-68381

Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...

CVE-2025-68381

Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...

CVE-2025-68381

Packetbeat (Elastic Beats) Vulnerability CVE-2025-68381 stems from an improper bounds check (CWE-787) in processing UDP fragments, enabling a remote, unauthenticated attacker to trigger a buffer overflow and cause a crash or significant resource exhaustion with a crafted UDP packet containing an ...

CVE-2025-68381 Packetbeat Improper Bounds Check

Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...