9476 matches found
Incorrect Execution-Assigned Permissions
Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990459)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990459 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100_set_termios There is a deadlock in sa1100_set_termios,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990489)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990489 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990517 advisory. In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue:...
GHSA-FRMV-PR5F-9MCR Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects.
An issue was discovered in Django 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class Q, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the _connector argument...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988955)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988955 advisory. In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885_initdev When the driver fails to call the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989534 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip was...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989435)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989435 advisory. In the Linux kernel, the following vulnerability has been resolved: bcache: avoid journal no-space deadlock by reserving 1 journal bucket The journal no-space deadlo...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989866)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989866 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko...
Tenda AC23 SetVirtualServerCfg File Buffer Overflow Vulnerability
Tenda AC23 is a home dual-band wireless router launched by Tenda, focusing on large home coverage and high-speed transmission, supporting 802.11ac Wave2 technology, with a dual-band concurrent rate of up to 2033 Mbps. Tenda AC23 has a buffer overflow vulnerability; the vulnerability stems from the file...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989397)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989397 advisory. In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989674)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989674 advisory. In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso Oops, I failed to update subject line. From...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988814)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988814 advisory. In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit stores a reference to the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989056)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989056 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989932)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989932 advisory. In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885_initdev When the driver fails to call the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989310)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989310 advisory. In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989668 advisory. In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation Outer nest for ETHTOOL_A_STRSET_STRINGSETS is not...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989591 advisory. In the Linux kernel, the following vulnerability has been resolved: net_sched: fix NULL deref in fifo_set_limit syzbot reported another NULL deref in fifo_set_limit 1 I...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990285)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990285 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext Access to genmask field in struc...