OESA-2026-2282 sed security update

Sed is a non-interactive command-line text editor. A stream editor is used to per-form basic text transformations on an input stream a file or input from a pipeline. Security Fixes: When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two...

OP-TEE Trusted OS 输入验证错误漏洞

OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.8.0 to 4.10 of OP-TEE Trusted OS, there is a vulnerability related to input validation errors. This...

EUVD-2026-23834

When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...

PT-2026-33758

Name of the Vulnerable Software and Affected Versions gnu sed versions prior to 4.10 Description A race condition exists when the software is invoked with both -i in-place edit and --follow-symlinks. The function open next file performs two separate, non-atomic filesystem operations on the same...

CVE-2026-2151

A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file advfirewall.php of the component DMZ Host Feature. Such manipulation of the argument dmzipaddr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the...

003-gas-convert (=1.0.1), 0x-hunter-core (>=1.0.0 <=1.0.1-5) +13827 more potentially affected by CVE-2026-2739 via bn.js (>=4.10.3 <=4.12.0)

bn.js NPM version =4.10.3, =1.0.0, =0.0.3, =0.0.3, =0.0.11, =1.1.0, =0.0.2, =0.9.9, =0.10.33 - 108-gas-convert =1.0.0 - 2.typescript-init =1.0.0 - 260f-check-balance =1.0.0 - 260f-gas-convert =1.0.0 and more Source cves: CVE-2026-2739 Source advisory: SNYK:JS-BNJS-15274301...

CVE-2026-2152

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

PT-2026-5053

Name of the Vulnerable Software and Affected Versions D-Link DIR-615 version 4.10 Description A flaw exists in the URL Filter component of D-Link DIR-615 version 4.10, specifically in the processing of the /set temp nodes.php file. This allows for os command injection, which can be triggered...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003966 advisory. In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003436 advisory. drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIGVMAPSTACK option, which allows...

CVE-2025-66169 Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component

Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001207 advisory. drivers/char/virtioconsole.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to...

CVE-2019-11428

I, Librarian 4.10 has XSS via the export.php exportfiles parameter...

CVE-2022-27110

OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000253)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000253 advisory. In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem...

CVE-2025-40830

A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application does not have proper authorization checks for the filetransfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any...

EUVD-2018-17026

Malware in sbrugna...

EUVD-2019-3103

Malware in sbrugna...

EUVD-2019-1042

Malware in sbrugna...

EUVD-2021-27172

Malware in sbrugna...