UBUNTU-CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficien...

CVE-2025-66602

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm. The affected products and versions are ...

CVE-2025-66604

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be displayed on the web page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN,...

CVE-2025-66598

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVR...

CVE-2025-66608

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

CVE-2025-66595

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request Forgery CSRF. When a user accesses a link crafted by an attacker, the user’s account could be compromised. The affected products and versions are as follows:...

CVE-2025-66605

CVE-2025-66605 affects Yokogawa FAST/TOOLS. The flaw arises from input fields on the affected web pages that use autocomplete, allowing input content to be saved in the user’s browser. Affected products/versions: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01–R10.04. The avail...

CVE-2025-66607

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an insecure setting. Users could be redirected to malicious sites by an attacker. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

PT-2026-7054

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

EUVD-2025-199708

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

Malicious code in odoo-sfu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6150db474384025ea6979cd2f9cdfcd33735d897541917f74ee49a6d3ee74c71 The OpenSSF Package Analysis project identified 'odoo-sfu' @ 9.0.1 npm as malicious. It is considered malicious because: - The package...

Linux Distros Unpatched Vulnerability : CVE-2024-5315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially...

mysql: Optimizer unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow. An attacker can execute arbitrary code by sending malicious requests designed to exploit the vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 9.0.1 or higher...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow. An attacker can execute arbitrary code by sending malicious requests designed to exploit the vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 9.0.1 or higher. References -...

AZL-50384 CVE-2024-21213 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server execute...

AZL-50591 CVE-2024-21194 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

WordPress plugin Quiz And Survey Master Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2024-24345 · Digital Bazaar · @Digitalbazaar/Zcap

Name of the Vulnerable Software and Affected Versions: @digitalbazaar/zcap versions prior to 9.0.1 Description: The issue arises when invoking a capability with a chain depth of 2, where the expires property is not properly checked against the current date or other date param. This can allow...

PT-2023-7215 · Frrouting +10 · Frrouting +10

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 9.0.1 Description: The issue is related to insufficient input validation in FRRouting, which can be exploited by a remote attacker to cause a denial of service. Specifically, it mishandles malformed MP REACH NLRI...