PT-2026-27716

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the pipapo set type in the netfilter module. A large number of expired elements can cause the garbage collection process to run fo...

PT-2026-29086

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.43 and earlier Description The iconv function in the GNU C Library may experience a crash due to an assertion failure when processing inputs from the IBM1390 or IBM1399 character sets. This could potentially be exploit...

PT-2026-28332

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak within the nf tables module, specifically in the nft dynset component. This issue occurs when cloning stateful expressions. If the allocation of t...

PT-2026-27662

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nfsd nl threads set doit function. Specifically, a reference to a cred structure is leaked when nfsd nl threads set doit calls nfsd svc...

CVE-2025-15356

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2022-50826

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgusubdevsetselection Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereference. This can currently happen in...

CVE-2025-15230

A vulnerability was found in Tenda M3 1.0.0.134903. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlantruckport results in heap-based buffer overflow. Remote exploitation of the attack is possible. The...

CVE-2025-15231

A vulnerability was determined in Tenda M3 1.0.0.134903. This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public...

SUSE CVE-2022-50826

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgusubdevsetselection Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereference. This can currently happen in...

WordPress Infility Global plugin <= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter vulnerability

Reflected Cross-Site Scripting via settype Parameter vulnerability discovered by vgo0 in WordPress Plugin Infility Global versions = 2.9.8...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993171 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to...

Unity Linux 20.1070e Security Update: util-linux (UTSA-2025-993327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993327 advisory. A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992827)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992827 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992897 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann...

Linux Distros Unpatched Vulnerability : CVE-2023-54168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx4: Prevent shift wrapping in setusersqsize The ucmd-logsqbbcount variable is controlled by the user so this shift can wrap. Fix it by using...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993067 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993070 advisory. In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctlKDFONTOP th...

CVE-2025-15356

The vulnerability CVE-2025-15356 affects Tenda AC20 routers (firmware up to 16.03.08.12). The issue is in the sscanf call in /goform/PowerSaveSet, where improper handling of the arguments powerSavingEn, time, powerSaveDelay, and ledCloseType can lead to a buffer overflow. Remote exploitation is p...

EUVD-2025-205852

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit...