CVE-2026-0915

CVE-2026-0915 concerns glibc’s DNS handling: uninitialized stack buffer used as DNS query name when net==0 can leak stack contents to the DNS resolver. Connected advisories indicate affected packages (glibc) with fixes in versions >= 2.35-9 (e.g., SUSE/OpenSUSE, Ubuntu, Rocky Linux, AlmaLinux,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003445 advisory. The x25negotiatefacilities function in net/x25/x25facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002054 advisory. The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002809 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003252 advisory. The x25negotiatefacilities function in net/x25/x25facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003003)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003003 advisory. The getuserasmex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to...

CVE-2026-22190

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

CVE-2026-22190

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

DEBIAN-CVE-2025-40221

In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the scan structure is zeroed before use...

JLSEC-2025-324 A flaw was found in rsync which could be triggered when rsync compares file checksums

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

EUVD-2002-0382

Malware in sbrugna...

EUVD-2015-3329

Malware in sbrugna...

EUVD-2021-22902

Malware in sbrugna...

EUVD-2019-6786

Malware in sbrugna...

EUVD-2017-0734

Malware in sbrugna...

EUVD-2018-3881

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987268 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix possible bogus match in nfosffind nfosffind incorrectly returns true...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414610 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka...

EUVD-2025-9301

Malicious code in bioql PyPI...

EUVD-2024-30680

Malicious code in bioql PyPI...