
1157 matches found

Positive Technologies
added 2025/12/16 12:0 a.m., 2 views

PT-2025-51638

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue in lib/test kho where a check for Kernel Hardware Observability (KHO) enablement is missing. Without verifying KHO is enabled before issuing KHO commands...

9.8 CVSS, 6.4 AI score, 0.00102 EPSS
Exploits: 2, References: 210

RedhatCVE
added 2025/12/05 4:21 p.m., 4 views

CVE-2025-40225

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix kernel panic on partial unmap of a GPU VA region. This commit addresses a kernel panic issue that can happen if userspace tries to partially unmap a GPU virtual region (aka drm_gpuva). The VM_BIND interface allows parti...

5.5 AI score, 0.00024 EPSS
Exploits: 0, References: 4

SUSE CVE
added 2025/12/05 12:26 a.m., 1 view

SUSE CVE-2025-40225

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix kernel panic on partial unmap of a GPU VA region. This commit addresses a kernel panic issue that can happen if userspace tries to partially unmap a GPU virtual region (aka drm_gpuva). The VM_BIND interface allows parti...

5.5 CVSS, 6.2 AI score, 0.00024 EPSS
Exploits: 0, References: 10

RedhatCVE
added 2025/12/04 7:22 p.m., 4 views

CVE-2025-54065

GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted...

7.9 CVSS, 7.3 AI score, 0.00012 EPSS
Exploits: 0, References: 1

OSV
added 2025/12/04 4:16 p.m., 1 view

UBUNTU-CVE-2025-40225

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix kernel panic on partial unmap of a GPU VA region. This commit addresses a kernel panic issue that can happen if userspace tries to partially unmap a GPU virtual region (aka drm_gpuva). The VM_BIND interface allows parti...

5.7 AI score, 0.00024 EPSS
Exploits: 0, References: 11

CVE
added 2025/12/04 3:31 p.m., 11 views

CVE-2025-40225

CVE-2025-40225 affects the Linux kernel panthor DRM/GPU virtualization path. The issue occurs when userspace partially unmaps a GPU virtual address region (drm_gpuva) via VM_BIND, which can trigger a NULL pointer dereference in the panthor_gpuva_sm_step_remap path and cause a kernel panic. The ro...

5.8 AI score, 0.00024 EPSS
Exploits: 0, References: 3

Snyk
added 2025/12/03 6:55 p.m., 6 views

Inefficient Algorithmic Complexity

Overview: Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the xml.dom.minidom methods like appendChild due to the dependency on the clearidcache algorithm when processing excessively nested XML documents. An attacker can exhaust system resources and impact...

7.5 CVSS, 6.4 AI score, 0.00128 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2025/12/03 5:2 p.m., 3 views

CVE-2025-54065 GZDoom engine allows arbitrary code execution via ZScript actor states

GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted...

7.9 CVSS, 7.4 AI score, 0.00012 EPSS
Exploits: 0, References: 1

OSV
added 2025/11/27 9:19 a.m., 5 views

CLSA-2025-1764235184 jackson-core: Fix of CVE-2025-52999

CVE-2025-52999: add StreamReadConstraints to protect against DoS attacks via deeply nested structures and oversized inputs...

8.7 CVSS, 6.8 AI score, 0.00252 EPSS
Exploits: 0, References: 1

OSV
added 2025/11/26 11:15 p.m., 1 view

DEBIAN-CVE-2025-66030

Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be...

5.3 CVSS, 4.8 AI score, 0.00074 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/11/26 10:23 p.m., 1 view

CVE-2025-66031 node-forge ASN.1 Unbounded Recursion

Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This...

8.7 CVSS, 6.5 AI score, 0.00056 EPSS
Exploits: 0, References: 2

OSV
added 2025/11/25 8:15 p.m., 2 views

CVE-2025-12816

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

8.6 CVSS, 6.8 AI score
Exploits: 0, References: 6

Debian CVE
added 2025/11/25 7:15 p.m., 4 views

CVE-2025-12816

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

8.6 CVSS, 6.5 AI score, 0.00071 EPSS
Exploits: 1

Packet Storm News
added 2025/11/17 12:0 a.m., 3 views

nfstream 6.5.4

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

6.9 AI score
Exploits: 0

Tenable Nessus
added 2025/11/06 12:0 a.m., 1 view

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990568)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990568 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/wwmutex/test: Fix potential workqueue corruption. In some cases running with the...

7.8 CVSS, 6 AI score, 0.00016 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2025/11/05 12:0 a.m., 1 view

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990174 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/wwmutex/test: Fix potential workqueue corruption. In some cases running with the...

7.8 CVSS, 6 AI score, 0.00016 EPSS
Exploits: 0, References: 4

SUSE Linux
added 2025/10/30 1:40 p.m., 2 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues:
- Fixed use-after-free in XPresentNotify structures creation (CVE-2025-62229, bsc1251958)
- Fixed use-after-free in Xkb client resource removal (CVE-2025-62230, bsc1251959)
- Fixed value overflow in Xkb extension XkbSetCompatMap (CVE-2025-62231,...

8.8 CVSS, 7.2 AI score, 0.00016 EPSS
Exploits: 0, References: 12

Fedora
added 2025/10/26 1:36 a.m., 3 views

[SECURITY] Fedora 42 Update: perl-YAML-Syck-1.36-1.fc42

This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...

6.5 CVSS, 7 AI score, 0.00022 EPSS
Exploits: 0

Veracode
added 2025/10/24 5:8 a.m., 5 views

Cross-site Scripting (XSS)

com.liferay, com.liferay.dynamic.data.mapping.form.field.type is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper validation of user-supplied input in "Rich Text" type fields within web content structures, document types, or custom assets using the Data Engine module,...

6.1 CVSS, 6.7 AI score, 0.00044 EPSS
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2025/10/22 12:0 a.m., 1 view

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from dereferencing structures before pointer checking, which could cause the kernel to crash...

6.1 AI score, 0.00024 EPSS
Exploits: 0, References: 4