Unity Linux 20.1070e Security Update: jersey (UTSA-2026-016750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016750 advisory. Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFil...

Astra Linux - уязвимость в libstb

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file...

MiracleLinux 8 : glibc-2.28-151.el8 (AXSA:2021-1780:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1780:06 advisory. glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding CVE-2019-25013 glibc: regular-expression...

CVE-2025-14801

A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be performed from remote. The exploit has been disclos...

EUVD-2017-16262

Malware in sbrugna...

EUVD-2017-16260

Malware in sbrugna...

EUVD-2023-46871

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-10739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by...

CVE-2023-43898

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file...

CVE-2010-4756 affecting package glibc 2.28-24

CVE-2010-4756 affecting package glibc 2.28-24. This CVE either no longer is or was never applicable...

OPENSUSE-SU-2024:13313-1 gpp-2.28-1.1 on GA media

These are all security issues fixed in the gpp-2.28-1.1 package on the GA media of openSUSE Tumbleweed...

Hardcoded credentials

Maintenance Server, in Cybellum's QCOW air-gapped distribution China Edition, versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the...

CVE-2023-42419 Improper Management of Cryptographic Keys in the Maintenance Server in QCOW Air-Gapped Distribution (China Edition)

Maintenance Server, in Cybellum's QCOW air-gapped distribution China Edition, versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the...

PT-2024-13040 · Cybellum · Cybellum'S Qcow Air-Gapped Distribution

Name of the Vulnerable Software and Affected Versions: Cybellum's QCOW air-gapped distribution China Edition versions 2.15.5 through 2.27 Description: The issue concerns a hard-coded private cryptographic key in the Maintenance Server of Cybellum's QCOW air-gapped distribution China Edition. An...

Advisory ROSA-SA-2024-2332

Software: glibc 2.28 OS: ROSA Virtualization 2.1 packageevrstring: glibc-2.28-225.rv3.src.rpm CVE-ID: CVE-2023-4527 BDU-ID: 2023-06332 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the getaddrinfo function of the glibc system library is related to reading data outside of buffer boundaries in...

OESA-2024-1037 jersey security update

Jersey is the open source JAX-RS JSR 311 production quality Reference Implementation for building RESTful Web services. %if Security Fixes: Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the...

CVE-2014-125109 BestWebSoft Portfolio Plugin bws_menu.php bws_add_menu_render cross site scripting

A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. It has been declared as problematic. This vulnerability affects the function bwsaddmenurender of the file bwsmenu/bwsmenu.php. The manipulation of the argument bwsmnformemail leads to cross site scripting. The attack can be...

OESA-2023-1837 stb security update

Single-file public domain libraries for C/C++. Security Fixes: Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file.CVE-2023-43898...

CVE-2023-43898

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file...

Null pointer dereference

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file...