CVE-2026-1880

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows t...

EUVD-2026-27774

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Add SRCU protection for reading PDPTRs in getsregs2 Add SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg - loadpdptrs -...

PT-2025-49087

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mptcp pm del add timer function, which can lead to a race condition. Specifically, the function may call sk stop timer sync while another process ...

kernel: ipv6: mcast: extend RCU protection in igmp6_send()

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...

PT-2025-27501 · Sunshine · Sunshine

Name of the Vulnerable Software and Affected Versions: Sunshine versions prior to 2025.628.4510 Description: The issue concerns a lack of protection against clickjacking attacks in the web interface of Sunshine, a self-hosted game stream host for Moonlight. This allows an attacker to embed the...

Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-After-Free in libxml2 CVE-2024-56171 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 CVE-2025-24928 For more details about the security issues,...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2048)

This update for java-180-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...

Design/Logic Flaw

In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affected. Ther...

Threat Outbreak Alert RuleID18884: Email Messages Distributing Malicious Software on October 22, 2015

Medium Alert ID: 41661 First Published: 2015 October 22 14:32 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18884 and RuleID18884KVR may contain the...

Update protection against LEADTOOLS Raster Twain LtocxTwainu.dll Buffer Overflow

A buffer overflow vulnerability exists in LEADTOOLS Raster Twain ActiveX control. LEADTOOLS Imaging SDK provides tools for adding advanced imaging features to various applications. The vulnerability is due to a boundary error while parsing the "AppName" parameter of the affected ActiveX control...

Update Protection against Sun Java System Application Server HTTP TRACE Vulnerability

Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method which can be leveraged by attackers to gain access to sensitive user information. The HTTP TRACE method returns the contents of client HTTP requests in the entity-body of the TRACE response. A local or remote...