CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

[SECURITY] Fedora 43 Update: greetd-0.10.3-6.fc43

greetd is a minimal and flexible login manager daemon that makes no assumptions about what you want to launch...

CVE-2025-15439

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

EUVD-2026-0654

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

EUVD-2012-2761

Malware in sbrugna...

Exploit for CVE-2025-61622

PoC exploit for CVE-2025-61622, a Remote Code Execution RCE vu...

CVE-2025-61622 Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory

Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stre...

OPENSUSE-SU-2025:15551-1 cargo-c-0.10.3~git0.ee7d7ef-4.1 on GA media

These are all security issues fixed in the cargo-c-0.10.3git0.ee7d7ef-4.1 package on the GA media of openSUSE Tumbleweed...

Linux Distros Unpatched Vulnerability : CVE-2016-7794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository name. CVE-2016-7794 Note that Nessus relies...

Linux Distros Unpatched Vulnerability : CVE-2016-7793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a crafted repository URL. CVE-2016-7793 Note that Nessus relies ...

Capsule tenant owners with "patch namespace" permission can hijack system namespaces label

Summary A namespace label injection vulnerability in Capsule v0.10.3 allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation and potentially accessing cross-tenant resources through TenantResource...

CVE-2025-55205

Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces kube-system, default, capsule-system, bypassing multi-tenant isolation...

CVE-2025-53604

The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...

Security update for cargo-c

This update for cargo-c fixes the following issues: Security fixes: CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: Update to version 0.10.3git0.ee7d7ef: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

OPENSUSE-SU-2024:14359-1 cargo-c-0.10.3~git0.ee7d7ef-2.1 on GA media

These are all security issues fixed in the cargo-c-0.10.3git0.ee7d7ef-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:14278-1 libpodofo-devel-0.10.3-2.1 on GA media

These are all security issues fixed in the libpodofo-devel-0.10.3-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12616-1 wasm-pack-0.10.3~0-2.1 on GA media

These are all security issues fixed in the wasm-pack-0.10.30-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11013-1 libwpd-0_10-10-0.10.3-2.3 on GA media

These are all security issues fixed in the libwpd-010-10-0.10.3-2.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12543-1 capnproto-0.10.3-1.1 on GA media

These are all security issues fixed in the capnproto-0.10.3-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2023-42811

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...