CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2

CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2. A patched version of the package is available...

EUVD-2026-20497

Hono has incorrect IP matching in ipRestriction for IPv4-mapped IPv6 addresses...

CVE-2025-70298

GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmxparsetags function...

CVE-2021-31216

Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...

EUVD-2021-18129

Malware in sbrugna...

EUVD-2023-35286

Malicious code in bioql PyPI...

EUVD-2024-42849

Malicious code in bioql PyPI...

EUVD-2023-26946

Malicious code in bioql PyPI...

EUVD-2023-35284

Malicious code in bioql PyPI...

EUVD-2023-35294

Malicious code in bioql PyPI...

EUVD-2023-35301

Malicious code in bioql PyPI...

EUVD-2023-35296

Malicious code in bioql PyPI...

EUVD-2023-35290

Malicious code in bioql PyPI...

EUVD-2023-35298

Malicious code in bioql PyPI...

EUVD-2023-35293

Malicious code in bioql PyPI...

CVE-2025-39809

In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length The QuickI2C ACPI DSD methods return ICRS and ISUB data with a trailing byte, making the actual length is one more byte than the structs defined. It caused...

PSF-2025-11

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CVE-2023-30956

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0...

CVE-2023-30960

A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further...

CVE-2023-30955

A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fi...