fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

...

fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

...

ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0

...

SUSE CVE-2026-31675

In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...

EZB Systems Easyboot 安全漏洞

EZB Systems Easyboot is a tool developed by EZB Systems that simplifies the process of creating boot discs for Linux systems and installing operating systems. Version 6.6.0 of EZB Systems Easyboot contains a security vulnerability. This vulnerability stems from a buffer overflow in the Replace Te...

Safeguarding Skies: Airport Cybersecurity in the Digital Age

The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...

HD Tune Easy PhotoResQ 安全漏洞

HD Tune Easy PhotoResQ is a image recovery tool developed by HD Tune Corporation, designed for restoring photos that have been accidentally deleted or damaged. Version 1.0 of HD Tune Easy PhotoResQ contains a security vulnerability. This vulnerability stems from the use of an excessively long...

PT-2026-35222

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed...

PT-2026-35197

Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation...

CVE-2026-6977

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

busybox: Fix of 4 CVEs

CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...

CLSA-2026-1777036898 libssh2: Fix of 2 CVEs

CVE-2019-3858: fix zero-byte allocation in sftppacketread - CVE-2019-3859: fix out-of-bounds reads in libssh2packetrequire...

libssh2: Fix of 2 CVEs

CVE-2019-3858: fix zero-byte allocation in sftppacketread - CVE-2019-3859: fix out-of-bounds reads in libssh2packetrequire...

CVE-2026-31675 net/sched: sch_netem: fix out-of-bounds access in packet corruption

In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...

CVE-2026-31675

In the Linux kernel, the following vulnerability has been resolved: net/sched: schnetem: fix out-of-bounds access in packet corruption In netemenqueue, the packet corruption logic uses getrandomu32belowskbheadlenskb to select an index for modifying skb-data. When an AFPACKET TXRING sends fully...

CVE-2026-31675

CVE-2026-31675 — Linux kernel netem out-of-bounds in packet corruption The issue arises in net/sched: sch_netem where the packet corruption logic selects an index into skb->data using get_random_u32_below(skb_headlen(skb)). For AF_PACKET TX_RING sending fully non-linear packets over an IPIP tu...

CLSA-2026-1776849467 jasper: Fix of 3 CVEs

CVE-2021-26926: prevent out-of-bounds read in jp2decode by hard-erroring on inconsistent IHDR/BPCC component metadata - CVE-2021-26927: prevent out-of-bounds read in jp2decode by hard-erroring on inconsistent IHDR/BPCC component metadata - CVE-2021-3272: prevent heap-based buffer over-read in...

BIT-ARGO-WORKFLOWS-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...

SUSE CVE-2026-31569

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointcupdateswcoremap can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that...

SUSE CVE-2026-31603

In the Linux kernel, the following vulnerability has been resolved: staging: sm750fb: fix division by zero in pstohz pstohz is called from hwsm750crtcsetmode without validating that pixclock is non-zero. A zero pixclock passed via FBIOPUTVSCREENINFO causes a division by zero. Fix by rejecting zer...