CVE-2026-24009 Docling Core vulnerable to Remote Code Execution via unsafe PyYAML usage
Docling Core (or docling-core) is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in docling-core starting in version 2.21.0 and prior to version...
ROS-20260122-73-0021
A vulnerability in the Loader component of Google Chrome browser is related to incorrect data type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
Security Bulletin: Vulnerabilities in Apache Commons affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary: Potential vulnerability in Apache Commons has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2025-48734 DESCRIPTION:...
EUVD-2026-3553
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful...
CVE-2026-21959
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful...
PT-2026-3706
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.15. Description: An easily exploitable issue exists in the Oracle Workflow product of Oracle E-Business Suite, specifically within the Workflow Loader component. A high-privileged attacker wit...
MiracleLinux 8 : grub2-2.02-123.el8.8.ML.1, mokutil-0.3.0-11.el8.1, shim-15.6-1.el8.ML.1, shim-unsigned-x64-15.6-1.el8.ML.1 (AXSA:2022-4042:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4042:01 advisory. grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733). grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap...
Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101573)
The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101573 advisory. - A regular expression denial of service (ReDoS) flaw was found in function interpolateName in interpolateName.js in webpack...
OESA-2026-1083 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A weakness has been identified in Op...
OESA-2026-1080 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A weakness has been identified in Op...
MiracleLinux 7 : glibc-2.17-106.el7.4 (AXSA:2016-096:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-096:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...
MiracleLinux 4 : tomcat6-6.0.24-78.AXS4 (AXSA:2014-496:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-496:04 advisory. Description: Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages...
MiracleLinux 4 : glibc-2.12-1.166.AXS4.7 (AXSA:2016-091:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-091:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...
Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-mgx6-5cf9-rr43. This link is maintained to preserve external references. Original Description: Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 throu...
Linux Distros Unpatched Vulnerability : CVE-2025-70968
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE. CVE-2025-70968 Note that Nessus relies on the presence of the package as reported by the...
Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101574)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101574 advisory. - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This...
CVE-2025-70968
CVE-2025-70968 affects FreeImage 3.18.0, where a Use-After-Free vulnerability exists in PluginTARGA.cpp;loadRLE. The issue is confirmed across multiple sources (NVD/NASL OSV/Ubuntu/Debian references) and is described as a Use After Free in the loadRLE() routine of the TARGA plugin. Impact is desc...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001740)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001740 advisory. An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. Tenable has...