73 matches found
ai-24sea (>=0.1.0 <=1.1.1), askap-flint (>=0.6.1 <=0.8.0) +29 more potentially affected by CVE-2026-7723 via prefect (>=3.0.0rc20 <=3.6.13)
prefect PYPI version =3.0.0rc20, =0.1.0, =0.6.1, =6.0.0, =1.0.1, =2.2.8, =2.25.0, =1.1.0, =1.3.0b5, =0.0.2, =0.1.11, =1.1.0, =0.0.2, =0.0.14 and more Source cves: CVE-2026-7723 Source advisory: SNYK:PYTHON-PREFECT-16379909...
BELL-CVE-2025-55248
Bulletin has no description...
DEBIAN-CVE-2023-53656
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown The driver needs to migrate the perf context if the current using CPU going to teardown. By the time calling the cpuhp::teardown callback the cpu_online_mask hasn'...
EUVD-2020-22048
Malware in sbrugna...
DEBIAN-CVE-2025-39950
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR A NULL pointer dereference can occur in tcp_ao_finish_connect during a connect system call on a socket with a TCP-AO key added and TCP_REPAIR enabled. The...
EUVD-2022-49799
Malicious code in bioql PyPI...
EUVD-2025-16180
Malicious code in bioql PyPI...
BELL-CVE-2025-39869
Bulletin has no description...
BELL-CVE-2023-53230
Bulletin has no description...
BELL-CVE-2025-38530
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2021-23960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Performing garbage collection on re-declared JavaScript variables resulted in a use-after-poison, and a potentially exploitable crash. This vulnerability affec...
GHSA-5662-2RJ7-F2V6 copyparty allows Regex Denial of Service (ReDoS) in the upload listing
Summary: The filter parameter for the "Recent uploads" page allows arbitrary Regexes. If this feature is enabled, which is the default, an attacker can craft a filter which deadlocks the server. PoC: https://127.0.0.1:3923/?ru&filter=.++x Impact: The server becomes fully inaccessible for a long time...
CVE-2025-50082
...
CVE-2025-50059
...
DaaS - VDI - Rename cluster VMware
Impact of Renaming VMware Cluster in a DaaS/VDI Environment...
K000150505: LuaJIT vulnerabilities CVE-2019-19391, CVE-2020-15890, CVE-2020-24372
Security Advisory Description CVE-2019-19391 In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled...
CVE-2025-28936
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sakurapixel Lunar lunar-sell-photos-online allows Stored XSS. This issue affects Lunar: from n/a through = 1.3.0...
Pimcore Vulnerable to SQL Injection in getRelationFilterCondition
Summary Authenticated users can craft a filter string used to cause a SQL injection. Details Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer. This code does not look to sanitize inputs:...
GHSA-QJPX-5M2P-5PGH Pimcore Vulnerable to SQL Injection in getRelationFilterCondition
Summary Authenticated users can craft a filter string used to cause a SQL injection. Details Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer. This code does not look to sanitize inputs:...
K000150337: Wireshark/tshark vulnerabilities CVE-2018-9262, CVE-2018-9260, CVE-2018-9259, CVE-2018-9258, and CVE-2018-9257
Security Advisory Description CVE-2018-9262 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. CVE-2018-9260 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to...