TOR Virtual Network Tunneling Tool 0.4.8.22

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

GHSA-QH4C-XF7M-GXFC vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector

Summary A Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods obtain and process media from URLs provided by users, using different Python parsing libraries when restrictin...

CVE-2026-24812

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

CVE-2026-24811

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

[SECURITY] Fedora 42 Update: freerdp-3.21.0-1.fc42

The xfreerdp & wlfreerdp Remote Desktop Protocol RDP clients from the FreeR DP project. xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox...

Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAView. User interaction is required to exploit this vulnerability in that the target must open and run a malicious project. The specific flaw exists within the DIAView script...

GitHub: Add labels to arbitrary issues/prs & compromise github actions label checks

A vulnerability was identified that allowed a user with read access to a repository and write access to a project to modify issue and pull request metadata through the project. When adding an item to a project that already existed, column value updates were applied without verifying the actor's...

Server-side Request Forgery (SSRF)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the MediaConnector class. An attacker can access internal network resources and cause system instability or...

CVE-2026-24909

CVE-2026-24909 concerns the vlt project: vulnerable in versions before 1.0.0-rc.10 due to improper path sanitization in tar extraction, enabling path traversal. In practice, a tar archive with crafted file paths could lead to extraction of files outside the target directory, as described in multi...

CVE-2026-24872

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire548.This issue affects SkyFire548: before 5.4.8-stable5...

CVE-2016-15057

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

CVE-2026-24811

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

AZL-75393 CVE-2026-24812 affecting package openjpeg2 2.3.1-12

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

CVE-2026-24811

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

CVE-2026-24812

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

AZL-75363 CVE-2026-24811 affecting package openjpeg2 2.3.1-12

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

AZL-75384 CVE-2026-24811 affecting package openjpeg2 2.3.1-12

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

CVE-2026-24812

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...

AZL-75354 CVE-2026-24811 affecting package fltk 1.3.5-4

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

EUVD-2026-4764

Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules. This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0...