nvidia-live-translation-poc

NVIDIA Live Translation with Lip-Sync POC Real-time voice tra...

kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free

A use-after-free vulnerability was found in the Linux kernel Intel i915 graphics driver's GuC virtual engine request handling. A local user with access to GPU rendering can create requests on GuC virtual engines and trap references via syncfile or dmabuf, causing fence release operations to acces...

kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free

A use-after-free vulnerability was found in the Linux kernel Intel i915 graphics driver's GuC virtual engine request handling. A local user with access to GPU rendering can create requests on GuC virtual engines and trap references via syncfile or dmabuf, causing fence release operations to acces...

MiracleLinux 7 : ntp-4.2.6p5-25.1.0.1.el7.AXS7 (AXSA:2017-1296:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1296:01 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

PT-2026-3218

The MailerLite - WooCommerce integration plugin for WordPress is vulnerable to unauthorized data modification and deletion in all versions up to, and including, 3.1.3. This is due to missing capability checks on the resetIntegration function. This makes it possible for authenticated attackers, wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004329 advisory. In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-004800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004800 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest There are two check of 'mreplace' ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003883)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003883 advisory. In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with...

Flexense Sync Breeze security vulnerability

Flexense Sync Breeze is a file synchronization tool developed by Flexense Corporation. The version 13.6.18 of Flexense Sync Breeze contains a security vulnerability. This vulnerability stems from the Windows service configuration, where a service path without quotes was used, potentially allowing...

CVE-2021-47807 Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47807 Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47807

CVE-2021-47807 affects Sync Breeze 13.6.18, where an unquoted Windows service path in the program files directory allows a local attacker to inject a malicious executable and escalate privileges. The vulnerability stems from the unquoted service path in the service configuration, enabling local e...

f2fs: fix return value of f2fs_recover_fsync_data()

...

CVE-2025-14389

The WPBlogSyn plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's remote sync settings via a forged request granted...

CVE-2025-68822

A use-after-free flaw was found in the Linux kernel's ALPS touchpad driver. A race condition exists between device disconnection and the dev3registerwork delayed work item. During disconnect, the alpsdata structure can be freed while the delayed work is still executing, causing the work function ...

CVE-2025-71073

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbdinterrupt schedules lk-tq via schedulework, and the work handler lkkbdreinit dereferences the lkkbd structure and its serio/inputdev fields. lkkbddisconnect and error...

PT-2026-3177

Name of the Vulnerable Software and Affected Versions Sync Breeze version 13.6.18 Description Sync Breeze version 13.6.18 contains a security issue due to an unquoted service path in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The issue...

CVE-2025-14389

The WPBlogSyn plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to update the plugin's remote sync settings via a forged request granted...