3048 matches found
DEBIAN-CVE-2026-53877
An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...
DEBIAN-CVE-2011-10043
Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded. Module names starting with "::" could be passed to the load function to specify arbitrary module paths. Attackers able to influence module names passed to load could use that bug to execute arbitrary...
DEBIAN-CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
DEBIAN-CVE-2026-58203
pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...
SUSE-SU-2026:2760-1 Security update for libnfs
This update for libnfs fixes the following issue - CVE-2026-53689: integer overflow during a connection to a crafted NFS server bsc1268135. Changes for libnfs: - Add libnfs-CVE-2026-53689.patch: ZDR: check the string size for sanity bsc1268135 CVE-2026-53689...
ROOT-OS-UBUNTU-2404-CVE-2025-37901 CVE-2025-37901 in rootio-linux - Patched by Root
Root has patched CVE-2025-37901 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-39957 CVE-2025-39957 in rootio-linux - Patched by Root
Root has patched CVE-2025-39957 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
DEBIAN-CVE-2026-53360
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...
DEBIAN-CVE-2026-9079
libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know nor use them...
DEBIAN-CVE-2026-11856
Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...
BELL-CVE-2026-53353
Bulletin has no description...
BELL-CVE-2026-53350
Bulletin has no description...
BELL-CVE-2026-53339
Bulletin has no description...
UBUNTU-CVE-2026-47247
Unknown description...
Linux Distros Unpatched Vulnerability : CVE-2026-27727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remo...
Linux Distros Unpatched Vulnerability : CVE-2026-57204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can...
DEBIAN-CVE-2026-55597
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has been fixed in version7.1.2-26...
Arbitrary Argument Injection
Overview repomix is an A tool to pack repository contents to single file for AI consumption Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized input to the remoteBranch parameter in the execGitShallowClone process. An attacker can execute arbitrary...
UBUNTU-CVE-2025-15666
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height lead...
BELL-CVE-2026-53302
Bulletin has no description...