Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and the allocation of the powersupply handle in the power...

PT-2026-43472

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched...

PT-2026-43612

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-45857

scsi: csiostor: Fix dereference of null pointer rn...

CVE-2026-45942

ext4: fix e4b bitmap inconsistency reports...

PT-2026-43725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O. A potential for stale data occur...

PT-2026-43850

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nfsd component where certain operations, such as SETATTR, can trigger idmap lookup upcalls during v4 request compound argument decoding. If these upcall responses...

ROS-20260527-73-0002

A vulnerability in the NFSv4.0 component of the Linux operating system kernel is related to incorrect calculations of the allocated buffer size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

PT-2026-43649

Name of the Vulnerable Software and Affected Versions VikBooking Hotel Booking Engine & PMS versions prior to 1.9.0 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows access to files outside of the intended directory. Recommendations Update...

RHEL 10 : cockpit (RHSA-2026:21390)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:21390 advisory. Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports,...

List of Security Fixes and Improvements in Veeam Service Provider Console

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Service Provider Console. This article aims to provide our customers' security and compliance teams with detailed information on security improvements between releases to help...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on iOS prior to 148.0.7778.216, there was a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released by iOS, which could allow remote attackers to induce...

CVE-2025-71309

fs/ntfs3: fix deadlock in nireadfoliocmpr...

PT-2026-43872

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the xfs alloc buftarg function within the XFS file system. The issue occurs in the error path where the DAX Direct Access device reference is not properly...

CVE-2026-46074

spi: ch341: fix memory leaks on probe failures...

CVE-2026-45861

gfs2: Fix slab-use-after-free in qdput...

systeminformation 操作系统命令注入漏洞

SystemInformation is a NPM software library developed by Sebastian Hildebrandt, which allows access to operating system information. Versions of SystemInformation from 4.17.0 to 5.31.5 contain a vulnerability related to operating system command injection. This vulnerability arises on Linux when t...

RHEL 9 : glibc (RHSA-2026:20597)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20597 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

Linux Distros Unpatched Vulnerability : CVE-2026-41074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. A...

Amazon Linux 2023 : credentials-fetcher (ALAS2023-2026-1744)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1744 advisory. crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...