Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013271 advisory. An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. Tenabl...

CVE-2023-21222

In loaddtdata of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

SUSE CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

JerryScript ecma-literal-storage.c denial of service vulnerability

JerryScript, a lightweight JavaScript engine from the JerryScript project, has a denial-of-service vulnerability in version 3.0.0, which stems from a failed assertion in /jerry-core/ecma/base/ecma-literal-storage.c. case, an attacker could use this vulnerability to launch a denial of service...

Arbitrary code using "crafted image file" approach affecting Pillow

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

PYSEC-2016-9

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

CVE-2016-9190

Pillow (Python Imaging Library) prior to version 3.3.2 is affected by CVE-2016-9190. The bug arises from an Insecure Sign Extension issue in ImagingNew within Storage.c, enabling context-dependent attackers to achieve arbitrary code execution via a crafted image file. Affected versions are Pillow...

CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...