Advisory ROSA-SA-2026-3282

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-5 affected versions libssh-0.9.8-5 CVE-ID: CVE-2026-0965 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in libssh is related to the ability to open arbitrary files during configuration parsing. A local attacker could...

CLEANSTART-2026-LO26058 Security fixes for CVE-2025-15558, CVE-2026-1229, CVE-2026-25934, CVE-2026-27896, CVE-2026-33252, CVE-2026-33762, CVE-2026-34165, CVE-2026-34742, ghsa-37cx-329c-33x3, ghsa-89xv-2j6f-qhc8, ghsa-f6x5-jh6r-wrfv, ghsa-gm2x-2g9h-ccm8, ghsa-j5w8-q4qc-rx2x, ghsa-jhf3-xxhw-2wpp, ghsa-p436-gjf2-799p, ghsa-q382-vc8q-7jhj, ghsa-q9hv-hpm4-hj6x, ghsa-wvj2-96wp-fq3f, ghsa-xw59-hvm2-8pj6 applied in versions: 0.9.7-r1, 0.9.8-r0

Multiple security vulnerabilities affect the gptscript package. These issues are resolved in later releases. See references for individual vulnerability details...

Agent Zero 安全漏洞

Agent Zero is an artificial intelligence framework developed by Jan Tomášek. Version 0.9.8 of Agent Zero contains a security vulnerability, which stems from a flaw in the external MCP server configuration function. This vulnerability could allow attackers to execute arbitrary operating system...

CVE-2026-30624

CVE-2026-30624 affects Agent Zero 0.9.8, in the External MCP Servers configuration feature. A JSON MCP configuration can include arbitrary command and args, which are executed when applied without sufficient validation. This can allow an attacker to run arbitrary OS commands with the Agent Zero p...

CVE-2021-47873 VestaCP < 0.9.8-25 - Stored Cross-Site Scripting

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'vinterface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...

Debian dla-4385 : libssh-4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4385 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4385-1 [email protected]...

Advisory ROSA-SA-2025-3090

Software: python-setuptools 0.9.8 OS: rosa-server79 unaffected versions = python-setuptools-0.9.8-7.0.3.res7 affected versions python-setuptools-0.9.8-7.0.3.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging simplification...

EUVD-2018-10268

Malware in sbrugna...

EUVD-2021-15061

Malware in sbrugna...

EUVD-2007-4976

Malware in sbrugna...

EUVD-2025-28528

Malicious code in bioql PyPI...

EUVD-2022-6895

Malicious code in bioql PyPI...

EUVD-2021-30600

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-53510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .ps...

Linux Distros Unpatched Vulnerability : CVE-2025-52456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted...

CVE-2025-53085

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-53085

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-50129

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .tga file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

DEBIAN-CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...