Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989806 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualizati...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989574)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989574 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989778)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989778 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989643 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsethash: unaligned atomic read on struct nftsetext Access to genmask field in struc...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989614)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989614 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: aspeed: Fix potential NULL dereference in aspeedpinmuxsetmux pdesc could be null but sti...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990017 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it i...

SUSE-SU-2025:3935-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208. -...

RockyLinux 8 : xorg-x11-server (RLSA-2025:19434)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19434 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...

kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

EUVD-2025-37474

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-12618

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-12618 Tenda AC8 DatabaseIniSet buffer overflow

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-12611

A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly...

PT-2025-44764

Name of the Vulnerable Software and Affected Versions NetSurf version 3.11 Description NetSurf version 3.11 contains a Use After Free issue within the dom node set text content function. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland:...

ALSA-2025:19435 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal CVE-2025-62230 xorg: xmayland: Value overflow in XkbSetCompatMap...

📄 Casdoor 2.95.0 Cross Site Request Forgery

Casdoor version 2.55.0 suffers from a cross site request forgery vulnerability. Exploit Title: Casdoor 2.95.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: v2.95.0 2025-10-22 Date: 2025-10-23 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link:...

ALSA-2025:19440 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: wifi: mac80211: check S1G action frame size CVE-2023-53257 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets...

ALSA-2025:19447 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: wifi: mac80211: check S1G action frame size CVE-2023-53257 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 kernel: wifi: cfg80211: fix use-after-free i...

CVE-2025-29699

NetSurf 3.11 is vulnerable to Use After Free in domnodesettextcontent function...