88 matches found
EUVD-2026-31485
TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both...
CVE-2026-34413
Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004093)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004093 advisory. gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004385)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004385 advisory. An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000890)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000890 advisory. The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001546)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001546 advisory. fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bound...
CVE-2024-39915
Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000508)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000508 advisory. An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data,...
Important: Red Hat Security Advisory: Red Hat Quay 3.16.0
Red Hat Quay 3.16.0 is now available with bug fixes. Quay 3.16.0...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414599)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414599 advisory. fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bound...
EUVD-2024-38297
Malicious code in bioql PyPI...
EUVD-2024-37394
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-7822
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file,...
ROOT-OS-ALPINE-316-CVE-2023-48161 CVE-2023-48161 in rootio-giflib - Patched by Root
Root has patched CVE-2023-48161 in the rootio-giflib package for Root:Alpine:3.16. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2021-33909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an...
Linux Distros Unpatched Vulnerability : CVE-2020-9383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC inde...
CVE-2024-38530
The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload vulnerability in the "save" functionality of the H5P module enables unauthenticated users to upload arbitrary files on the server's filesystem. This may lead to unrestricted RC...
CVE-2024-38530 Open eClass Platform allows Arbitrary File Upload in "modules/h5p/save.php"
The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload vulnerability in the "save" functionality of the H5P module enables unauthenticated users to upload arbitrary files on the server's filesystem. This may lead to unrestricted RC...