
20066 matches found

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-27437

Name of the Vulnerable Software and Affected Versions: FreeIPMI versions prior to 1.16.17. Description: The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management and is implemented by numerous hardware manufacturers to support system...

CVSS: 7.5, AI score: 6.1, EPSS: 0.00067
Exploits: 0, References: 60

EUVD
added 2025/12/31 3:30 a.m., 2 views

EUVD-2025-205869

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

CVSS: 1.9, AI score: 6.3, EPSS: 0.00015
Exploits: 0, References: 2

SUSE CVE
added 2025/12/31 12:29 a.m., 1 views

SUSE CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

CVSS: 6.6, AI score: 6.6, EPSS: 0.00029
Exploits: 0, References: 22

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992893 advisory. In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as...

CVSS: 5.5, AI score: 5.2, EPSS: 0.00017
Exploits: 0, References: 4

Tenable Nessus
added 2025/12/31 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993009)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993009 advisory. In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev(). After commit 1fa5ae857bb1 driver core: get rid of struct...

CVSS: 5.5, AI score: 5.8, EPSS: 0.0002
Exploits: 0, References: 4

Github Security Blog
added 2025/12/30 9:2 p.m., 10 views

qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion

Summary: The arrayLimit option in qs did not enforce limits for bracket notation (a[]=1&a[]=2), only for indexed notation (a[0]=1). This is a consistency bug; arrayLimit should apply uniformly across all array notations. Note: The default parameterLimit of 1000 effectively mitigates the DoS scenario...

CVSS: 6.3, AI score: 7.2, EPSS: 0.00035
Exploits: 1, References: 4, Affected Software: 1

EUVD
added 2025/12/30 3:30 p.m., 2 views

EUVD-2023-60462

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

AI score: 6.1, EPSS: 0.00029
Exploits: 0, References: 8

EUVD
added 2025/12/30 3:30 p.m., 2 views

EUVD-2022-55832

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter(). kasprintf would return NULL pointer when kmalloc fails to allocate. Need to check the return pointer before calling strcmp...

AI score: 6, EPSS: 0.00053
Exploits: 0, References: 10

NVD
added 2025/12/30 1:16 p.m., 2 views

CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

EPSS: 0.00029
Exploits: 0, References: 7

OSV
added 2025/12/30 1:16 p.m., 0 views

UBUNTU-CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

AI score: 5.7, EPSS: 0.00029
Exploits: 0, References: 10

UbuntuCve
added 2025/12/30 1:16 p.m., 1 views

CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

AI score: 6.1, EPSS: 0.00029
Exploits: 0, References: 9

OSV
added 2025/12/30 12:47 p.m., 2 views

CLSA-2025-1767098873 tomcat: Fix of CVE-2025-55752

CVE-2025-55752: fix path traversal vulnerability in URL normalization and improve QSA/QSD rewrite handling...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00274
Exploits: 4, References: 1

OSV
added 2025/12/30 12:17 p.m., 2 views

OESA-2025-2904 glib2 security update

GLib is a bundle of three (formerly five) low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A vulnerability was found in GNOME GLib...

CVSS: 9.8, AI score: 7.4, EPSS: 0.0005
Exploits: 0, References: 3

OSV
added 2025/12/30 12:17 p.m., 2 views

OESA-2025-2903 glib2 security update

GLib is a bundle of three (formerly five) low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A vulnerability was found in GNOME GLib...

CVSS: 9.8, AI score: 7.4, EPSS: 0.0005
Exploits: 0, References: 3

OSV
added 2025/12/30 12:17 p.m., 2 views

OESA-2025-2901 glib2 security update

GLib is a bundle of three (formerly five) low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A vulnerability was found in GNOME GLib...

CVSS: 9.8, AI score: 7.4, EPSS: 0.0005
Exploits: 0, References: 3

NVD
added 2025/12/30 12:15 p.m., 2 views

CVE-2025-15246

A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has...

CVSS: 6.5, EPSS: 0.00077
Exploits: 0, References: 4

OSV
added 2025/12/30 12:15 p.m., 2 views

CVE-2022-50866 ASoC: pxa: fix null-pointer dereference in filter()

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter(). kasprintf would return NULL pointer when kmalloc fails to allocate. Need to check the return pointer before calling strcmp...

AI score: 6.4, EPSS: 0.00053
Exploits: 0, References: 12

OSV
added 2025/12/30 12:8 p.m., 1 views

CVE-2023-54179 scsi: qla2xxx: Array index may go out of bound

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

AI score: 6.5, EPSS: 0.00029
Exploits: 0, References: 10

CVE
added 2025/12/30 12:8 p.m., 5 views

CVE-2023-54179

Technical details about CVE-2023-54179 (Linux kernel scsi: qla2xxx array index out of bound) are not provided in the connected documents. Monitor for updates from SUSE/OpenVAS/OSV references.

AI score: 6.2, EPSS: 0.00029
Exploits: 0, References: 7

Cvelist
added 2025/12/30 12:8 p.m., 18 views

CVE-2023-54179 scsi: qla2xxx: Array index may go out of bound

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound. Klocwork reports array 'vha->host_str' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

EPSS: 0.00029
Exploits: 0, References: 7