Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000506)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000506 advisory. In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack...
Exploit for OS Command Injection in Docker
🐳 ContainerBreaker - Docker Escape Exploit Simulator !Licen...
CVE-2025-14282
A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote client as root, only switching to the logged-in user upon spawning a shell or performing some operations like reading the user's file...
CVE-2025-68765
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add(). In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing sskb, leading to a...
CVE-2025-68765 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add(). In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing sskb, leading to a...
CVE-2025-68765
The CVE-2025-68765 issue is in the Linux kernel’s mt7615 driver: in mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated and, if mt76_connac_mcu_alloc_wtbl_req() fails, it is not freed, causing a memory leak. The published fix ensures sskb is freed via dev_kfree_skb() in the error path. Affected c...
CVE-2025-68765
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add(). In mt7615_mcu_wtbl_sta_add(), an skb sskb is allocated. If the subsequent call to mt76_connac_mcu_alloc_wtbl_req() fails, the function returns an error without freeing sskb, leading to a...
Improper TLS Hostname Verification
org.apache.logging.log4j, log4j-core is vulnerable to improper TLS hostname verification. The vulnerability is due to the Socket Appender not enforcing TLS hostname verification even when explicitly enabled, which allows a man-in-the-middle attacker to intercept or redirect log traffic by...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mt7615 driver's mt7615_mcu_wtbl_sta_add function failing to free the skb when allocation fails, which could...
CVE-2025-68620
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 expose two features that can be chained together to steal JWT authentication tokens without any prior authentication. The attack combines WebSocket-based request enumeration with unauthenticated...
CVE-2025-68620 Signal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated Polling
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 expose two features that can be chained together to steal JWT authentication tokens without any prior authentication. The attack combines WebSocket-based request enumeration with unauthenticated...
[SECURITY] Fedora 43 Update: golang-github-googlecloudplatform-cloudsql-proxy-1.31.2-11.fc43
The Cloud SQL Proxy allows a user with the appropriate permissions to connect to a Second Generation Cloud SQL database without having to deal with IP whitelisting or SSL certificates manually. It works by opening unix/tcp sockets on the local machine and proxying connections to the associated...
PT-2026-8145
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contained a memory leak in the NFC LLCP (Logical Link Control Protocol) implementation, specifically within the nfc_llcp_send_ui_frame function. The issue stemmed from a...
PT-2026-3763
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.62. Description: The Linux kernel contained a flaw within the networking subsystem related to usercopy handling. Specifically, the skbuff_fclone_cache was initialized without defining a usercopy region, unlike...
PT-2026-4479
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists in the Linux kernel's networking subsystem within the skb_segment_list function when handling packets aggregated by the GRO (Generic Receive Offload) engine. Prior to ...
PT-2026-27759
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the af_unix subsystem related to garbage collection (GC) and the interaction with the MSG_PEEK flag. Specifically, the GC mechanism could incorrectly...
PT-2026-8187
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's nvmet-tcp component where a hang can occur within the nvmet_tcp_listen_data_ready function. This issue arises when a socket is closed while in the TCP...
PT-2026-6153
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the fou module. Specifically, the FOU_ATTR_IPPROTO attribute should not be set to 0. When FOU_ATTR_IPPROTO is 0, the skb (socket buffer) is not...
PT-2026-27696
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s UDP handling. Specifically, when a UDP socket is bound to a wildcard address with a non-zero port, connected to an address, and then disconnected, the...
PT-2026-4488
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the Address Resolution Protocol (ARP). The issue stems from an incorrect assumption within the arp_create function regarding the skb->head pointer...