Unity Linux 20.1060e / 20.1070e Security Update: virglrenderer (UTSA-2026-017574)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017574 advisory. A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial ...

Astra Linux - уязвимость в virglrenderer

A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer from version 0.8.0 allows guest OS users to cause a denial of service through VIRGLCCMDRESOURCEINLINEWRITE commands...

OpenClaw: Memory dreaming config persistence was reachable from operator.write commands

Summary Memory dreaming config persistence was reachable from operator.write commands. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.5 = 2026.4.10 Impact A write-scoped gateway path could toggle persistent memory dreaming settings through /dreamin...

CVE-2024-2104

Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control commands through the mobile app service wich could render the device unusable...

CVE-2024-2104

CVE-2024-2104 describes an improper BLE security configuration on a device GATT server that enables an adjacent, unauthenticated attacker to read and write device control commands via the mobile app service, potentially rendering the device unusable. Multiple connected sources (including JBL/CVE ...

CVE-2024-2104 JBL: Improper BLE security configurations and lack of authentication on the device's GATT server

Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control commands through the mobile app service wich could render the device unusable...

EUVD-2024-27068

Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control commands through the mobile app service wich could render the device unusable...

DEBIAN-CVE-2022-50215

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

CVE-2024-27059

In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200atacommand The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ o...

SUSE CVE-2019-18389

A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGLCCMDRESOURCEINLINEWRITE commands...

PT-2022-34977 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the soundwire cadence, where msg-buf is overwritten during write commands. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...