PT-2026-6970

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security issue exists in the DDNS Service component of D-Link DIR-823X version 250416. The issue relates to the processing of the /goform/set ddns file. Manipulation of the ddnsType, ddnsDomainName,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004952)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004952 advisory. In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packetsetring and packetnotifier When packetsetring releases po-bindloc...

PT-2026-4753

Name of the Vulnerable Software and Affected Versions Access Manager 92xx hardware revision K7 affected versions not specified Description The Access Manager 92xx hardware revision K7 utilizes a Linux-based operating system, differing from older revisions that used Windows CE. An SSH service is...

PT-2026-6983

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...

CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

CVE-2026-23005 x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

CVE-2026-23005

CVE-2026-23005 is a Linux kernel issue where XSTATE_BV bits for features disabled by XFD can be out of sync with XFD during guest XSAVE/XRSTOR handling. The fix clears XSTATE_BV[i] when XFD[i]=1 during KVM_SET_XSAVE loading of guest state and related WRMSR updates, preventing XRSTOR from #NM and ...

CVE-2026-1081

The Set Bulk Post Categories plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing nonce validation on the bulk category update functionality. This makes it possible for unauthenticated attackers to modify post categorie...

CVE-2026-1081

The Set Bulk Post Categories plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing nonce validation on the bulk category update functionality. This makes it possible for unauthenticated attackers to modify post categorie...

CVE-2026-24406 iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize. This occurs when user-controllable input is unsafely incorporated into ICC profi...

CVE-2026-24406 iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize. This occurs when user-controllable input is unsafely incorporated into ICC profi...

SUSE-SU-2026:0284-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. - CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...

AZL-78431 CVE-2025-71154 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

CVE-2025-71154

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

CVE-2025-71154

CVE-2025-71154 concerns Linux kernel code for the rtl8150 USB driver. When usb_submit_urb() fails in async_set_registers(), the allocated async_req and URB are not freed, causing a memory leak. The completion callback async_set_reg_cb() frees these allocations only after a successful URB submissi...

CVE-2025-71154 net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

SUSE-SU-2026:0269-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. - CVE-2024-57849: s390/cpumsf: handle CPU hotplug remove duri...

VulnCheck KEV: CVE-2025-7081

A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this vulnerability is the function formSetWanStatic of the file /goform/formSetWanStatic of the component webs. The manipulation of the argument...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004902 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memsetio In the function arkfbsetpar, the...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the asyncsetregisters function not releasing the URB and request structures when the usbsubmiturb...