MAL-2026-796 Malicious code in @rdxportal/ui-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6715dad49a0781dc55e72ae77bd13276de1564d08cfd1c0a3c3aebf37b72acc The package @rdxportal/ui-components was found to contain malicious code. Source: ghsa-malware...

RHSA-2026:2070 Red Hat Security Advisory: firefox security update

Bulletin has no description...

CVE-2026-20983

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...

CVE-2026-20983

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...

CVE-2026-20983

Samsung Dialer (Android) is affected by CVE-2026-20983 due to improper export of Android application components, enabling a local attacker to launch arbitrary activities with Samsung Dialer privileges. Affected software is Samsung Dialer prior to SMR Feb-2026 Release 1. The vulnerability is local...

CVE-2026-20983

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...

EUVD-2026-5392

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...

CVE-2026-20983

Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege...

SAMSUNG Dialer 安全漏洞

Samsung Dialer is a dialer application developed by South Korea’s Samsung Corporation. Versions of the Samsung Dialer prior to SMR Feb-2026 Release 1 contained security vulnerabilities. These vulnerabilities stemmed from improper export of Android application components, potentially allowing loca...

Linux Distros Unpatched Vulnerability : CVE-2026-25239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can...

CVE-2026-1232

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...

UBUNTU-CVE-2026-25239

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can allow query manipulation if an attacker can influence the inserted filename value. This issue has been patched in version 1.33.0...

EUVD-2026-5194

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the /get// endpoint allows remote attackers to execute arbitrary SQL via a crafted package version. This issue has been patched in version 1.33.0...

EUVD-2026-5195

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25239

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can allow query manipulation if an attacker can influence the inserted filename value. This issue has been patched in version 1.33.0...

EUVD-2026-5198

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of pregreplace with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the evaluated replacement. This issue has been patched in...

CVE-2026-25235

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorization. This issue has been patched in version 1.33.0...

CVE-2026-25234

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id. This issue has been patched in version 1.33.0...

EUVD-2026-5202

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0...