102 matches found
EUVD-2026-10694
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...
Dell Update Package Framework Security Vulnerability
Dell Update Package Framework is a framework developed by the American company Dell for updating system components. This product primarily provides installation programs for drivers, applications, BIOS, and firmware. Versions of the Dell Update Package Framework from 23.12.00 to 24.12.00 containe...
One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning
Machine learning relies on randomness as a fundamental component in various steps such as data sampling, data augmentation, weight initialization, and optimization. Most machine learning frameworks use pseudorandom number generators as the source of randomness. However, variations in design choic...
Moderate: Red Hat Security Advisory: Automotive bug fix and enhancement update
An update for gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server is now available for Red Hat In-Vehicle-OS version 1.0.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...
EUVD-2018-0587
Malware in sbrugna...
EUVD-2018-0493
Malware in sbrugna...
EUVD-2017-1962
Malware in sbrugna...
EUVD-2017-1174
Malware in sbrugna...
EUVD-2023-27876
Malicious code in bioql PyPI...
EUVD-2023-2513
Malicious code in bioql PyPI...
EUVD-2022-44145
Malicious code in bioql PyPI...
EUVD-2023-2462
Malicious code in bioql PyPI...
EUVD-2022-5337
Malicious code in bioql PyPI...
EUVD-2024-2898
Malicious code in bioql PyPI...
EUVD-2025-20182
Malicious code in bioql PyPI...
CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder
Fiber is an Express-inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in...
CVE-2025-49006
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
ALSA-2025:8816 Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6. Securi...
CVE-2024-55970
File Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aka I644734...
CVE-2022-25481
ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. NOTE: this is disputed by a third party because system environment exposure is an intended feature of the debugging mode...