Cleartext Storage of Sensitive Information

Overview typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the SetupModuleController module merging entity data with user-interface settings before storing them in DB. An...

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the SetupModuleController module merging entity data with user-interface settings before storing them in DB. An attacker can obtain sensitive user credentials by accessing the uc and...

CVE-2026-6553 TYPO3 CMS Stores Cleartext Password in User Settings Module

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

EUVD-2026-24081

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

CVE-2026-6553

TYPO3 CMS 14.2.0 is affected by CVE-2026-6553 where changing backend users’ passwords via the user settings module stores the cleartext password in the be_users.uc and be_users.user_settings fields. The root cause is plaintext password storage in these fields, leading to exposure of credentials. ...

CVE-2026-6553 TYPO3 CMS Stores Cleartext Password in User Settings Module

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

PT-2026-33927

Name of the Vulnerable Software and Affected Versions TYPO3 CMS version 14.2.0 Description Changing backend users passwords through the user settings module causes the cleartext password to be stored in the uc and user settings fields of the be users database table. Recommendations At the moment,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013035 advisory. In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011281 advisory. In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010973 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcomcpufreqhwreadlut If cpudev fails to get opp table in...

FreeBSD -- Missing large page handling in pmap_pkru_update_range()

Problem Description: In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface...

libXpm -- Out-of-bounds read in xpmNextWord()

The X.Org project reports: libXpm uses a number of internal helper functions to parse the XPM file format. One of these internal functions, xpmNextString, checks for the NULL terminator when looking for the end of the current string but not when looking for the beginning of the next string. A sma...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011351 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011068)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011068 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fix module PLTs with mcount Li Huafei reports that mcount-based ftrace with module...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010915)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010915 advisory. In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table getkernelnofault does copy data in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011188 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpiputtable to fix memory leak The start and length of the event log area are...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011300 advisory. In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010909 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odneditdpmtable callback With clang's kernel control...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010949 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 tab...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013290 advisory. In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table getkernelnofault does copy data in...