1279 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004761 advisory. An integer overflow flaw was found in the Linux kernel's virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a...

7.8 CVSS | 6.6 AI score | 0.00362 EPSS
Exploits 0 | References 3

SUSE CVE
added 2026/01/15 12:26 a.m. | 2 views

SUSE CVE-2025-68783

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices. get_meter_levels_from_urb parses the 64-byte meter packets sent by the device and fills the per-channel arrays meter_level, comp_level and master_level in struct...

5.5 CVSS | 6.4 AI score | 0.00173 EPSS
Exploits 0 | References 21

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002271 advisory. cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite...

7.1 CVSS | 7.1 AI score | 0.02544 EPSS
Exploits 0 | References 8

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001969)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001969 advisory. The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and...

6.6 CVSS | 6 AI score | 0.00317 EPSS
Exploits 0 | References 9

Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000998)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000998 advisory. The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and...

6.6 CVSS | 6 AI score | 0.00317 EPSS
Exploits 0 | References 9

Tenable Nessus
added 2026/01/14 12:0 a.m. | 7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001020 advisory. cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite...

7.1 CVSS | 7.1 AI score | 0.02544 EPSS
Exploits 0 | References 8

RedhatCVE
added 2026/01/09 8:56 a.m. | 5 views

CVE-2023-40035

Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable...

7.2 CVSS | 7.9 AI score | 0.01909 EPSS
Exploits 1 | References 1

RedhatCVE
added 2026/01/09 8:38 a.m. | 2 views

CVE-2026-21686

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

7.1 CVSS | 6.8 AI score | 0.00243 EPSS
Exploits 1 | References 1

Zero Day Initiative
added 2026/01/09 12:0 a.m. | 3 views

(0Day) Langflow code Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code parameter provided to the validate endpoint. The issue results from th...

9.8 CVSS | 7.6 AI score | 0.02035 EPSS
Exploits 1

Zero Day Initiative
added 2026/01/09 12:0 a.m. | 6 views

(0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The issue results...

9.8 CVSS | 7.6 AI score | 0.10371 EPSS
Exploits 8

NVD
added 2026/01/07 10:15 p.m. | 4 views

CVE-2026-21686

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

7.1 CVSS | 0.00243 EPSS
Exploits 1 | References 3

EUVD
added 2026/01/07 9:25 p.m. | 3 views

EUVD-2026-1392

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

7.1 CVSS | 6.3 AI score | 0.00243 EPSS
Exploits 1 | References 3

Vulnrichment
added 2026/01/07 9:25 p.m. | 4 views

CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

7.1 CVSS | 6.4 AI score | 0.00243 EPSS
Exploits 1 | References 3

CVE
added 2026/01/07 9:25 p.m. | 17 views

CVE-2026-21686

CVE-2026-21686 affects iccDEV: prior to 2.3.1.2, there is Undefined Behavior in CIccTagLutAtoB::Validate() when processing ICC color profiles. A patch exists in version 2.3.1.2. Affected users should upgrade to 2.3.1.2 or later. Public references consistently describe the issue as an undefined be...

7.1 CVSS | 6.4 AI score | 0.00243 EPSS
Exploits 1 | References 3 | Affected Software 1

OSV
added 2026/01/07 9:25 p.m. | 4 views

CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...

7.1 CVSS | 6.7 AI score | 0.00243 EPSS
Exploits 1 | References 5

RedhatCVE
added 2026/01/07 9:10 a.m. | 5 views

CVE-2026-21676

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a Heap-based Buffer Overflow in its CIccMBB::Validate function which checks tag data validity. This issue is fixed in version 2.3.1.1...

8.8 CVSS | 6.8 AI score | 0.00342 EPSS
Exploits 1 | References 1

CNNVD
added 2026/01/07 12:0 a.m. | 4 views

iccDEV Security Vulnerability

iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from undefined behavior in the CIccTagLutAtoB::Validate function...

7.1 CVSS | 6.6 AI score | 0.00243 EPSS
Exploits 1 | References 3

Positive Technologies
added 2026/01/07 12:0 a.m. | 10 views

PT-2026-2083

Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.2. Description: iccDEV is a set of libraries and tools for interacting with International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 contain Undefined Behavior in the...

7.1 CVSS | 6.6 AI score | 0.00243 EPSS
Exploits 1 | References 5

GithubExploit
added 2026/01/06 10:23 p.m. | 151 views

Exploit for Code Injection in Hpe Oneview

ExploitCVE-2025-37164 ! This Script is made for educationa...

10 CVSS | 7.3 AI score | 0.89733 EPSS
Exploits 8

NVD
added 2026/01/06 7:16 p.m. | 8 views

CVE-2026-21494

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

7.1 CVSS | 0.00137 EPSS
Exploits 0 | References 4