PT-2026-33909

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.9 OpenEXR versions 3.3.0 through 3.3.9 OpenEXR versions 3.2.0 through 3.2.7 Description An integer overflow occurs in the reference implementation of the EXR image storage format. The issue exists in internal...

RHEL 8 : python3 (RHSA-2026:9289)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9289 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 9 : python3.9 (RHSA-2026:9261)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9261 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012959 advisory. In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential staticcommandline memory overflow We allocate memory of size 'xlen +...

RHEL 9 : python3.11 (RHSA-2026:9260)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9260 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

PT-2026-33908

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.9 OpenEXR versions 3.3.0 through 3.3.9 OpenEXR versions 3.2.0 through 3.2.7 Description An integer overflow occurs in the reference implementation of the EXR image storage format. Specifically, the file...

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

mirai-exploit

Vulnerability Details CVE ID: CVE-2026-22812 Affe...

[SECURITY] Fedora 42 Update: awstats-8.0-1.fc42

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

[SECURITY] Fedora 43 Update: awstats-8.0-2.fc43

Advanced Web Statistics is a powerful and full-featured tool that generates advanced web server graphical statistics. This server log analyzer works from the command line or as a CGI and shows all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers...

RHEL 9 : python3.11 (RHSA-2026:9042)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9042 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

PT-2026-33702

SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences 'CRLF Injection' vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration...

CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

GHSA-8Q4H-8CRM-5CVC elFinder: Command injection in resize background color parameter when using ImageMagick CLI

Severity High bg can be injected into shell command construction, leading to possible RCE in affected configurations. Summary elFinder contains a command injection vulnerability in the resize command. The bg background color parameter is accepted from user input and passed through image...

JLSEC-2026-132

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...

jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007458 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach NGSM0710...

Dahua Security Assessment Tool - Authentication, Scan, and Exposure Testing Script

This Python script is a security assessment tool designed to evaluate the exposure and potential vulnerabilities of Dahua-based devices commonly IP cameras and NVR systems. It combines multiple testing modules into one CLI utility...

BIT-PYTHON-MIN-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

BIT-PYTHON-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...