Lucene search

159 matches found

Positive Technologies
added yesterday, 8 views

PT-2026-46265

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVSS: 7.5, AI score: 5.8
Exploits: 0, References: 3

RedhatCVE
added 2026/05/28 3:49 a.m., 6 views

CVE-2026-45871

A flaw was found in the Linux kernel's Trusted Platform Module (TPM) subsystem. When the get_burstcount function encounters an error, the st33zp24 driver fails to release a previously acquired resource. This oversight can lead to resource exhaustion, potentially allowing a local attacker to cause a...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00032
Exploits: 0, References: 4

RedhatCVE
added 2026/05/28 1:07 a.m., 7 views

CVE-2026-45926

A flaw was found in the Linux kernel. When initializing a Pulse Width Modulation (PWM) chip, a memory leak can occur if the pwmchip_alloc function fails. This happens because the allocated pwmchip's initial reference is not properly released, leading to unmanaged memory consumption. This vulnerabili...

AI score: 5.8, EPSS: 0.00024
Exploits: 0, References: 4

CNNVD
added 2026/05/27 12:00 a.m., 5 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the PWM chip initialization in rust/pwm. As a result of this failure, the allocated...

AI score: 5.8, EPSS: 0.00024
Exploits: 0, References: 2

Snyk
added 2026/05/21 3:53 p.m., 6 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow via the checktemplate and tokenizecleanup functions in the checktemplate.cpp component of the executable. An attacker can cause a crash or disrupt service by providing specially crafted input to these functions...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00015
Exploits: 0, References: 2

Snyk
added 2026/05/19 9:51 p.m., 4 views

Infinite loop

Overview: Affected versions of this package are vulnerable to Infinite loop in the getsampleduration function. An attacker can cause the application to enter an infinite loop and consume excessive CPU resources by providing a specially crafted HEIF file during file parsing. Remediation: A fix was...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00047
Exploits: 1, References: 2

CNNVD
added 2026/05/08 12:00 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the dma_fence_chain_alloc function during execution. As a result, user-fence referenc...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00013
Exploits: 0, References: 1

Tenable Nessus
added 2026/05/05 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hci_ll: Fix firmware leak on error path. Smatch reports: drivers/bluetooth/hci_ll.c:587 download_firmware warn: 'fw' from request_firmware not released on...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00013
Exploits: 0, References: 3

AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux - vulnerability in apache2

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions an HTTP response is sent to the client with a status code indicating...

CVSS: 7.5, AI score: 7.2, EPSS: 0.11001
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 1 views

Astra Linux - vulnerability in linux-5.10, linux-5.15

There is a flaw in the Linux kernel’s handling of new TCP connections. The issue arises due to the lack of memory release after the effective lifetime of these connections. This vulnerability allows an unauthenticated attacker to create a denial-of-service condition on the system...

CVSS: 5.9, AI score: 6.3, EPSS: 0.00016
Exploits: 0, References: 2

RedhatCVE
added 2026/05/02 9:12 p.m., 5 views

CVE-2026-43054

A flaw was found in the Linux kernel's SCSI target subsystem, specifically within the tcm_loop module. This vulnerability arises when the tcm_loop_target_reset function, responsible for handling target resets, fails to properly clear out commands that are still being processed. A local user or proces...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00015
Exploits: 0, References: 4

NVD
added 2026/04/28 4:16 p.m., 2 views

CVE-2026-41873

UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...

CVSS: 9.8, EPSS: 0.00174
Exploits: 0, References: 2

RedhatCVE
added 2026/04/24 8:32 p.m., 4 views

CVE-2026-31604

A flaw was found in the Linux kernel's rtw88 Wi-Fi driver. This vulnerability occurs when the driver fails to release a reference to a Universal Serial Bus (USB) device during certain probe errors, such as when descriptor parsing fails. A local attacker could potentially trigger this condition by...

CVSS: 5.5, AI score: 5.3, EPSS: 0.00015
Exploits: 0, References: 4

CNNVD
added 2026/04/22 12:00 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak during the reset of the work queue in dmaengine idxd. This vulnerability may cause...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00015
Exploits: 0, References: 1

CNNVD
added 2026/04/22 12:00 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper lock checking when subroutines exit abnormally, potentially leading to locks acquired by...

CVSS: 5.5, AI score: 6, EPSS: 0.00014
Exploits: 0, References: 1

Snyk
added 2026/04/18 1:25 a.m., 3 views

Buffer Over-read

Overview: Affected versions of this package are vulnerable to Buffer Over-read via the ptp_unpack_EOS_FocusInfoEx function. An attacker can cause a crash and potentially access sensitive memory contents by supplying specially crafted input from a malicious USB device. Remediation: A fix was pushed int...

CVSS: 4.6, AI score: 5.8, EPSS: 0.00008
Exploits: 0, References: 2

RedHat Linux
added 2026/04/16 3:32 p.m., 1 views

org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests

A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server's response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustio...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00033
Exploits: 0, References: 5

Snyk
added 2026/04/09 9:31 p.m., 3 views

Arbitrary Command Injection

Overview: metagpt is a multi-agent framework. Affected versions of this package are vulnerable to Arbitrary Command Injection via the Bash.run method in metagpt/tools/libs/terminal.py. An attacker can execute arbitrary operating system commands by supplying crafted input remotely. Remediation: A...

CVSS: 9.8, AI score: 7.7, EPSS: 0.00455
Exploits: 1, References: 2

Redos
added 2026/03/24 12:00 a.m., 4 views

ROS-20260324-73-0031

A vulnerability in the pnv_php component of the Linux operating system kernel is related to a failure to release a resource after its effective lifetime has expired. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVSS: 5.5, AI score: 6.1, EPSS: 0.00025
Exploits: 0

CNNVD
added 2026/02/04 12:00 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the allocation of resources that are not released properly, potentially leading to memory leaks...

CVSS: 5.5, AI score: 6, EPSS: 0.00019
Exploits: 0, References: 2