CVE-2026-46013

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

CVE-2026-46013 mm/memfd_luo: fix physical address conversion in put_folios cleanup

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

CVE-2026-46013

mm/memfdluo: fix physical address conversion in putfolios cleanup...

PT-2026-43880

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the put folios cleanup path of the memfd luo retrieve folios function. The kho restore folio function...

CVE-2026-42592 Gotenberg: DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...

Fedora 42 : libsodium (2026-b7217393db)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7217393db advisory. Version 1.0.21 This point release includes all the changes from 1.0.20-stable, which include a security fix for the cryptocoreed25519isvalidpoint function, a...

EUVD-2004-2628

Malware in sbrugna...

kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error

A flaw was found in Linux kernel tipc. tipcudpaddr2str does not return a nonzero value when UDP media address is invalid, which can result in a buffer overflow in tipcmediaaddrprintf...

UBUNTU-CVE-2024-42284

In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipcudpaddr2str on error tipcudpaddr2str should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipcmediaaddrprintf. Fix this by returni...

ZKsync Era Security Vulnerability

ZKsync Era is an open source compiler from Matter Labs. A security vulnerability exists in ZKsync Era versions prior to 1.5.0, which stems from the address used to access the stack not being properly converted to a unit, and therefore invalid stack access may exist...

The vulnerability of the --inspect parameter implementation in Node.js’s object manipulation tools allows attackers to execute arbitrary code.

The vulnerability of the --inspect parameter in the Node.js object manipulation tool is related to errors during the conversion of the octal IP address. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A buffer error vulnerability exists in Google Asylo version 0.6.0 and...

Fedora 24 : roundcubemail-1.1.5-1.fc24 (2016-aff691237e)

Release 1.1.5 Plugin API: Added html2text hook Plugin API: Added addressbookexport hook Fix missing emoticons on html-to-text conversion Fix random 'access to this resource is secured against CSRF' message at logout 4956 Fix missing language name in 'Add to Dictionary' request in HTML mode 4951...

XSSYA v2.0 - Cross Site Scripting Scanner & Vulnerability Confirmation

XSSYA Cross Site Scripting Scanner & Vulnerability Confirmation written in python scripting language confirm the XSS Vulnerability in two method first work by execute the payload encoded to bypass Web Application Firewall which is the first method request and responseif it respond 200 it turn...

CVE-2004-2637

The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions...