1335 matches found

OSV
added 2026/04/24 3:16 p.m., 2 views

DEBIAN-CVE-2026-31607

In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit(). When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_submit() unconditionally overwrites urb->number_of_packets from the network PDU. This value is subsequently used as...

CVSS 9.8, AI score 5.6, EPSS 0.00102
Exploits 0, References 1

CVE
added 2026/04/24 2:42 p.m., 47 views

CVE-2026-31607

CVE-2026-31607 (Linux kernel USB/IP): A RET_SUBMIT response can cause an out-of-bounds write when usbip_pack_ret_submit() overwrites urb->number_of_packets without validation. The loop bound in usbip_recv_iso()/usbip_pad_iso() then writes beyond urb->iso_frame_desc[], triggering a heap OOB...

CVSS 9.8, AI score 5.6, EPSS 0.00102
Exploits 0, References 9, Affected Software 1

Cvelist
added 2026/04/24 2:42 p.m., 27 views

CVE-2026-31607 usbip: validate number_of_packets in usbip_pack_ret_submit()

In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit(). When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_submit() unconditionally overwrites urb->number_of_packets from the network PDU. This value is subsequently used as...

CVSS 9.8, EPSS 0.00102
Exploits 0, References 9

Positive Technologies
added 2026/04/24 12:0 a.m., 3 views

PT-2026-34918

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib. amdgpu_amdkfd_submit_ib submits a GPU job and gets a fence from amdgpu_ib_schedule. This fence is used to wait for job completion. Currently, the code drops the fen...

AI score 5.4, EPSS 0.00015
Exploits 0, References 7

Positive Technologies
added 2026/04/24 12:0 a.m., 3 views

PT-2026-34959

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A heap out-of-bounds write exists in the USB/IP client. The function usbip_pack_ret_submit unconditionally overwrites the number of packets variable from the network PDU. A malicious...

CVSS 9.8, AI score 5.8, EPSS 0.00102
Exploits 0, References 148

EUVD
added 2026/04/22 3:31 p.m., 5 views

EUVD-2026-24814

In the Linux kernel, the following vulnerability has been resolved: erofs: add GFP_NOIO in the bio completion if needed. The bio completion path in the process context (e.g. dm-verity) will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies...

AI score 5.6, EPSS 0.00069
Exploits 0, References 8

Tenable Nessus
added 2026/04/21 12:0 a.m., 0 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006939 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submit_bh_wbc. Fix a bug where nilfs_get_block returns a successful stat...

CVSS 7.8, AI score 6.5, EPSS 0.00017
Exploits 0, References 4

Tenable Nessus
added 2026/04/21 12:0 a.m., 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011201 advisory. In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by do_submit_urb. There are UAF bugs caused by...

AI score 6.3, EPSS 0.0004
Exploits 0, References 4

ATTACKERKB
added 2026/04/20 5:30 p.m., 1 views

CVE-2026-23756

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in ControllerStep.InsertSubmit and EditSubmit before being rendered by ViewStep.RenderViewSteps. An authenticated staff member can inject...

CVSS 5.4, AI score 5.7, EPSS 0.00034
Exploits 0, References 3

Vulnrichment
added 2026/04/20 5:30 p.m., 1 views

CVE-2026-23756 GFI HelpDesk < 4.99.9 Stored XSS via Troubleshooter Step Subject

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in ControllerStep.InsertSubmit and EditSubmit before being rendered by ViewStep.RenderViewSteps. An authenticated staff member can inject...

CVSS 5.4, AI score 5.7, EPSS 0.00034
Exploits 0, References 2

Cvelist
added 2026/04/20 5:30 p.m., 26 views

CVE-2026-23758 GFI HelpDesk < 4.99.9 Stored XSS via editsubject Parameter

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the editsubject POST parameter. Attackers can inject XSS payloads through inadequate sanitization in...

CVSS 6.4, EPSS 0.00034
Exploits 0, References 2

Positive Technologies
added 2026/04/20 12:0 a.m., 1 views

PT-2026-33814

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in Controller Step.InsertSubmit and EditSubmit before being rendered by View Step.RenderViewSteps. An authenticated staff member can injec...

CVSS 5.4, AI score 5.8, EPSS 0.00034
Exploits 0, References 5

Positive Technologies
added 2026/04/20 12:0 a.m., 2 views

PT-2026-33815

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the editsubject POST parameter. Attackers can inject XSS payloads through inadequate sanitization in...

CVSS 6.4, AI score 6, EPSS 0.00034
Exploits 0, References 5

Tenable Nessus
added 2026/04/08 12:0 a.m., 1 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006802 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submit_bh_wbc. Fix a bug where nilfs_get_block returns a successful stat...

CVSS 7.8, AI score 6, EPSS 0.00017
Exploits 0, References 4

Tenable Nessus
added 2026/04/08 12:0 a.m., 1 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006717 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb failure. In async_set_registers, when usb_submit_ur...

CVSS 5.5, AI score 5.8, EPSS 0.00033
Exploits 0, References 4

EUVD
added 2026/04/05 9:30 p.m., 3 views

EUVD-2019-20107

Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...

CVSS 9.8, AI score 6.7, EPSS 0.01904
Exploits 1, References 4

NVD
added 2026/04/05 9:16 p.m., 2 views

CVE-2019-25687

Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...

CVSS 9.8, EPSS 0.01904
Exploits 1, References 3

CVE
added 2026/04/05 8:45 p.m., 2 views

CVE-2019-25687

Pegasus CMS 1.0 is affected by a remote code execution vulnerability in the extra_fields.php plugin. The flaw arises from unsafe eval usage, allowing unauthenticated attackers to send malicious PHP code via the action parameter in POST requests to submit.php, achieving code execution and an inter...

CVSS 9.8, AI score 6.7, EPSS 0.01904
Exploits 1, References 3, Affected Software 1

Vulnrichment
added 2026/04/05 8:45 p.m., 1 views

CVE-2019-25687 Pegasus CMS 1.0 Remote Code Execution via extra_fields.php

Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...

CVSS 9.8, AI score 6.7, EPSS 0.01904
Exploits 1, References 3

Positive Technologies
added 2026/04/05 12:0 a.m., 3 views

PT-2026-30495

Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the...

CVSS 9.8, AI score 6.7, EPSS 0.01904
Exploits 1, References 4