13329 matches found
OPENSUSE-SU-2026:20598-1 Security update for python-PyPDF2
This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-40260: crafted PDF can lead to large memory usage bsc1262284...
PT-2026-34532
It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this issue to cause Apache Commons IO to crash, resulting in a denial of service...
Flowise 操作系统命令注入漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Prior to Flowise 3.1.0, there was a vulnerability related to operating system command injection. This vulnerability stemmed from insecure serialization of printf commands in the MCP adapter,...
PT-2026-34227
Name of the Vulnerable Software and Affected Versions WWBN AVideo versions 29.0 and earlier Description The CloneSite plugin contains a flaw where the 'cloneServer.json.php' endpoint constructs shell commands using the url parameter without proper sanitization. This input is directly concatenated...
FreeScout 安全漏洞
FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the IMAP/SMTP connection testing functionality in t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011089)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011089 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pmruntimegetsync will increment pm...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010897)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010897 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011024)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011024 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedre...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010951)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010951 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010970)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010970 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011235)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011235 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010714)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010714 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010829)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010829 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013141)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013141 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AFRXRPC to provide a server, it...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013050)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013050 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40evsirequestirqmsix error path If requestirq in i40evsirequestirqmsix...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010904)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010904 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic...
SUSE CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
CVE-2026-6060
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
Malicious Package
Overview tailwindthml-flips is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...