12607 matches found

Positive Technologies
added 2026/01/01 12:0 a.m., 5 views

PT-2026-6125

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel is susceptible to a flaw related to the handling of suspend and resume operations within the Renesas I2C driver. Specifically, inappropriate ordering of system sleep...

9.8 CVSS | 5.9 AI score | 0.0071 EPSS
Exploits: 6 | References: 394

EUVD
added 2025/12/31 12:31 a.m., 5 views

EUVD-2023-60533

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking...

8.8 CVSS | 7.3 AI score | 0.00295 EPSS
Exploits: 1 | References: 6

SUSE CVE
added 2025/12/31 12:28 a.m., 2 views

SUSE CVE-2023-54213

In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------ cut here ------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at...

5.5 CVSS | 6.4 AI score | 0.00177 EPSS
Exploits: 0 | References: 8

SUSE CVE
added 2025/12/31 12:27 a.m., 3 views

SUSE CVE-2023-54266

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920x_read call fail...

4.7 CVSS | 6.4 AI score | 0.00195 EPSS
Exploits: 0 | References: 22

SUSE CVE
added 2025/12/31 12:26 a.m., 2 views

SUSE CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

5.5 CVSS | 6.3 AI score | 0.00173 EPSS
Exploits: 0 | References: 7

SUSE CVE
added 2025/12/31 12:26 a.m., 3 views

SUSE CVE-2023-54314

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach af9005_i2c_xfer. If...

5.5 CVSS | 6.5 AI score | 0.00165 EPSS
Exploits: 0 | References: 17

Tenable Nessus
added 2025/12/31 12:0 a.m., 1 view

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993040)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993040 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a...

7.8 CVSS | 6.6 AI score | 0.00272 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993224)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993224 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer Wei Chen reports a kernel bug as blew...

5.5 CVSS | 6.4 AI score | 0.0015 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2025/12/31 12:0 a.m., 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993079)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993079 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out o...

7.8 CVSS | 6.6 AI score | 0.00327 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993263)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993263 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer In dw2102_i2c_transfer, msg is controlled by...

5.5 CVSS | 6.5 AI score | 0.0015 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2025/12/31 12:0 a.m., 1 view

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993226)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993226 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in u...

5.5 CVSS | 6.1 AI score | 0.00185 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on...

5.6 AI score | 0.00165 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2025/12/31 12:0 a.m., 1 view

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992943)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992943 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit...

7.8 CVSS | 6.6 AI score | 0.00272 EPSS
Exploits: 0 | References: 3

OSV
added 2025/12/30 11:15 p.m., 6 views

CVE-2023-54163

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking...

7.5 CVSS | 5.9 AI score | 0.00295 EPSS
Exploits: 1 | References: 5

NVD
added 2025/12/30 11:15 p.m., 10 views

CVE-2022-50799

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the...

7.5 CVSS | 0.00358 EPSS
Exploits: 1 | References: 4

Cvelist
added 2025/12/30 10:41 p.m., 24 views

CVE-2023-54163 NLB mKlik Macedonia 3.3.12 SQL Injection via International Transfer Parameters

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking...

8.8 CVSS | 0.00295 EPSS
Exploits: 1 | References: 5

Vulnrichment
added 2025/12/30 10:41 p.m., 2 views

CVE-2023-54163 NLB mKlik Macedonia 3.3.12 SQL Injection via International Transfer Parameters

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking...

8.8 CVSS | 7.4 AI score | 0.00295 EPSS
Exploits: 1 | References: 5

CVE
added 2025/12/30 10:41 p.m., 16 views

CVE-2023-54163

CVE-2023-54163 affects NLB mKlik Macedonia 3.3.12, where a SQL injection vulnerability exists in the international transfer parameters. The root cause is unsanitized input allowing arbitrary SQL execution, potentially exposing sensitive data from the mobile banking application. The CVSSv3.1 vecto...

8.8 CVSS | 7.4 AI score | 0.00295 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2025/12/30 10:41 p.m., 26 views

CVE-2022-50799 Fetch Softworks Fetch FTP Client 5.8.2 Remote CPU Consumption Denial of Service

Fetch FTP Client 5.8.2 contains a denial of service vulnerability that allows attackers to trigger 100% CPU consumption by sending long server responses. Attackers can send specially crafted FTP server responses exceeding 2K bytes to cause excessive resource utilization and potentially crash the...

7.5 CVSS | 0.00358 EPSS
Exploits: 1 | References: 4

Github Security Blog
added 2025/12/30 7:25 p.m., 8 views

PsiTransfer has Zip Slip Path Traversal via TAR Archive Download

Summary: A Zip Slip vulnerability in PsiTransfer allows an unauthenticated attacker to upload files with path traversal sequences in the filename, e.g. ../../../.ssh/authorized_keys. When a victim downloads the bucket as a .tar.gz archive and extracts it, malicious files are written outside the...

7.4 AI score
Exploits: 0 | References: 4 | Affected Software: 1