CVE-2025-68139 In EVerest, by default, the EV is responsible for closing the connection if the module encounters an error during request processing

EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for terminateconnectiononfailedresponse is False, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the modul...

EUVD-2025-206320

EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for terminateconnectiononfailedresponse is False, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the modul...

drm/msm/dpu: Add missing NULL pointer check for pingpong interface

...

um: init cpu_tasks[] earlier

...

MiracleLinux 7 : rh-postgresql95-postgresql-9.5.9-4.el7 (AXSA:2017-2468:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2468:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003761 advisory. An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the...

MiracleLinux 7 : kernel-3.10.0-693.21.1.el7 (AXSA:2018-2625:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2625:03 advisory. Kernel: KVM: MMU potential stack buffer overrun during page walks CVE-2017-12188, Important Kernel: KVM: debug exception via syscall emulation...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-2.AXS4 (AXSA:2017-2465:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2465:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000677 advisory. Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSGMORE ipappenddata calls ipufoappenddata to append...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001655 advisory. The x86/fpu Floating Point Unit subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correct...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003636 advisory. parseaudiomixerunit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. Tenable has extract...

iommu: disable SVA when CONFIG_X86 is set

...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002152 advisory. The ip6appenddatamtu function in net/ipv6/ip6output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002136)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002136 advisory. net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers t...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003225)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003225 advisory. The x86/fpu Floating Point Unit subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correct...

CVE-2025-71138

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add missing NULL pointer check for pingpong interface It is checked almost always in dpuencoderphyswbsetupctl, but in a single place the check is missing. Also use convenient locals instead of physenc- where availabl...

UBUNTU-CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

CVE-2025-71138

CVE-2025-71138 pertains to the Linux kernel DRM MSM DPU, where a missing NULL pointer check for the pingpong interface was fixed. The vulnerability is addressed by upstream patch 693860, with the issue occurring in dpu_encoder_phys_wb_setup_ctl() and related code paths. Affected environments refe...

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...

SUSE CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...