Security Bulletin: Location Service for ESRI Component uses urllib3-2.6.3 library which was vulnerable to CVE-2026-44431 and CVE-2026-44432

Summary Location Service for ESRI Component uses urllib3-2.6.3 library which was vulnerable to CVE-2026-44431 and CVE-2026-44432. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from t...

Security Bulletin: Location Service for ESRI Component uses cryptography-46.0.6, pyasn1-0.6.2, requests-2.32.5 and cryptography-46.0.5 library which were vulnerable to multiple CVEs

Summary Location Service for ESRI Component uses cryptography-46.0.6, pyasn1-0.6.2, requests-2.32.5 and cryptography-46.0.5 library which were vulnerable to CVE-2026-39892, CVE-2026-30922, CVE-2026-25645 and CVE-2026-34073 respectively. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyas...

Huawei HarmonyOS and EMUI LBS module privilege bypass access vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A privilege bypass access vulnerability exists in Huaw...

Security Bulletin: Location Service for ESRI Component uses cryptography-46.0.3, flask-3.1.2 and werkzeug-3.1.5 library which were vulnerable to CVE-2026-26007, CVE-2026-27205 and CVE-2026-27199 respectively

Summary Location Service for ESRI Component uses cryptography-46.0.3, flask-3.1.2 and werkzeug-3.1.5 library which were vulnerable to CVE-2026-26007, CVE-2026-27205 and CVE-2026-27199 respectively. Vulnerability Details CVEID:CVE-2026-27199 DESCRIPTION: Werkzeug is a comprehensive WSGI web...

Security Bulletin: Location Service for ESRI Component uses werkzeug-3.1.4 and urllib3-2.6.2 library which were vulnerable to CVE-2026-21860 and CVE-2026-21441 respectively

Summary Location Service for ESRI Component uses werkzeug-3.1.4 and urllib3-2.6.2 library which were vulnerable to CVE-2026-21860 and CVE-2026-21441 respectively. Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client library for Python. urllib3's streaming API is...

Security Bulletin: Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively

Summary Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python...

gpsd security update

An update is available for gpsd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list gpsd is a service daemon that mediates access to a GPS sensor connected to the...

CVE-2017-18673

An issue was discovered on Samsung mobile devices with N7.x software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen device. The Samsung ID is SVE-2017-8524 May 2017...

EUVD-2017-9764

Malware in sbrugna...

EUVD-2025-23756

Malicious code in bioql PyPI...

EUVD-2025-23752

Malicious code in bioql PyPI...

CVE-2025-54645

Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect...

CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect...

CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect...

CVE-2025-54645

Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-54645

Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect...

CVE-2025-54649

CVE-2025-54649 affects Huawei HarmonyOS: vulnerability in the location service where the system uses incompatible types to access resources, leading to potential location attribute errors. Multiple sources (NVD, Red Hat, CNVD, CNNVD) describe a type confusion/incorrect attribute impact with local...

CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect...