4521 matches found
PT-2026-1858
Name of the Vulnerable Software and Affected Versions Quarkus versions prior to 3.31.0 Quarkus versions prior to 3.27.2 Quarkus versions prior to 3.20.5 Description Quarkus is a Cloud Native framework for Java applications. A flaw exists in the HTTP layer related to response handling. When writin...
Directory Traversal
Overview chainlit is a Build Conversational AI. Affected versions of this package are vulnerable to Directory Traversal via the update_thread_element and delete_thread_element handlers in backend/chainlit/server.py. An authenticated attacker can read arbitrary files from the server by sending a craft...
PT-2026-27662
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nfsd_nl_threads_set_doit function. Specifically, a reference to a cred structure is leaked when nfsd_nl_threads_set_doit calls nfsd_svc...
PT-2026-20345
Name of the Vulnerable Software and Affected Versions fast-xml-parser versions prior to 5.3.6 Description The XML parser is susceptible to an unlimited amount of entity expansion. A small XML input can cause the parser to spend significant time processing a single request, leading to application...
PT-2026-22011
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the RAIL channel window management where the xf_rail_server_local_move_size function dereferences a freed xfAppWindo...
PT-2026-22010
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the xf_AppUpdateWindowFromSurface function where it reads from a freed xfAppWindow. This occurs because the RDPGFX D...
PT-2026-8154
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the perf subsystem related to user space stack tracing. A race condition can occur when a task is exiting, leading to a NULL pointer dereference if pe...
PT-2026-2937
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A heap use-after-free condition exists in the irp_thread_func function because the IRP is freed by irp->Complete and subsequently...
PT-2026-2929
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw due to a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread. This condition...
SUSE CVE-2023-54294
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993085)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993085 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Add multi-thread support for a DMA channel When we get a DMA channel and tr...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993215)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993215 advisory. In the Linux kernel, the following vulnerability has been resolved: intel_th: msu: Fix vmalloced buffers After commit f5ff79fddf0e dma-mapping: remove CONFIG_DMA_REMAP...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993014)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993014 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at...
EUVD-2023-60510
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after...
EUVD-2023-60395
In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout...
CVE-2023-54294
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after...
UBUNTU-CVE-2023-54294
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after...
CVE-2023-54294 md/raid10: fix memleak of md thread
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after...