[SECURITY] Fedora 43 Update: glibc-2.42-9.fc43

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

@conglomerate/weaver (>=2.1.1 <=2.6.1), @derivative/derive (>=0.1.0 <=0.1.1) +10 more potentially affected by CVE-2026-23888 via pnpm (>=0.21.0 <=10.18.3)

pnpm NPM version =0.21.0, =2.1.1, =0.1.0, =0.1.0, =3.7.16, =2.3.0, =0.1.0, =0.2.7, =1.0.4, =1.0.7 Source cves: CVE-2026-23888 Source advisory: OSV:GHSA-6PFH-P556-V868...

Multiple Brother software installers may insecurely load Dynamic Link Libraries

Overview Multiple software installers provided by Brother Industries, Ltd. may insecurely load some dynamic link libraries. Uncontrolled search path element CWE-427 - CVE-2016-2542, CVE-2021-41526 Kazuma Matsumoto of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Brother...

[SECURITY] Fedora 42 Update: python3.12-3.12.12-3.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

[SECURITY] Fedora 42 Update: python3.11-3.11.14-4.fc42

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

CVE-2026-24016

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

openSUSE 16 Security Update : cargo-c (openSUSE-SU-2026:20060-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20060-1 advisory. - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber:...

Malicious code in 1q847 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe398aee3ca61989d1610e4b2edae183ef70d5fabc08709875ca9ef8725d82c5 Package contains two DLL libraries, one of them packed. Both are widely recognized as malware. The exact behavior is not known --- Category: MALICIOUS - The...

MAL-2026-443 Malicious code in 1q847 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe398aee3ca61989d1610e4b2edae183ef70d5fabc08709875ca9ef8725d82c5 Package contains two DLL libraries, one of them packed. Both are widely recognized as malware. The exact behavior is not known --- Category: MALICIOUS - The...

CVE-2026-24016

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

CVE-2026-24016

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

EUVD-2026-3687

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed...

Fsas ServerView Agents code-related vulnerabilities

Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Fsas ServerView Agents has a code vulnerability that stems from the installer potentially loading dynamic link libraries in an insecure manner, which may allow arbitrary code to be execut...

PT-2026-3757

Name of the Vulnerable Software and Affected Versions ServerView Agents for Windows affected versions not specified Description The installer for ServerView Agents for Windows, provided by Fsas Technologies Inc., may load Dynamic Link Libraries insecurely. This could allow for the execution of...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...

Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in ICU libraries.

Summary The ucnvUTF8FromUTF8 function in ucnvu8.cpp in International Components for Unicode ICU for C/C++ through 60.1 mishandles ucnvconvertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or...

CVE-2025-14369

CVE-2025-14369 affects dr_flac, the FLAC audio decoder in the dr_libs toolset. A vulnerability arises from an integer overflow caused by trusting the totalPCMFrameCount field from FLAC metadata when calculating the buffer size, which can allow a specially crafted FLAC file to cause a Denial of Se...

PT-2026-3551

Name of the Vulnerable Software and Affected Versions dr flac affected versions not specified Description The dr flac audio decoder, part of the dr libs toolset, has a flaw where it improperly handles the totalPCMFrameCount field within FLAC metadata. This can lead to an integer overflow when...

MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.332.b09-1.el9 (AXSA:2022-3957:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3957:12 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...