39475 matches found
CVE-2026-9277 vulnerabilities
Vulnerabilities for packages: langfuse, code-server, tileserver-gl-fips, tileserver-gl...
[SECURITY] Fedora 43 Update: rust-1.96.0-1.fc43
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...
0day
0day !GitHub forkshttps://img.shields.io/github/forks/he...
Linux Distros Unpatched Vulnerability : CVE-2026-45591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-45591 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2026-45490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Note that Nessus relies on the presence of the packag...
MAStrike: Shapley-Guided Collusive Red-Teaming on Multi-Agent Systems
Hierarchical multi-agent systems MAS are rapidly being deployed in high-stakes workflows across domains such as finance and software engineering. In these systems, safety and security are inherently distributed across role-specialized agents, significantly expanding the attack surface, particular...
IBM i 代码问题漏洞
IBM i is an operating system developed by the American International Business Machines IBM company, which runs on IBM Power Systems and IBM PureSystems. Versions 7.6, 7.5, 7.4, and 7.3 of IBM i have code vulnerabilities. These vulnerabilities stem from unconstrained library calls, which may allow...
openSUSE 16 Security Update : postgresql18 (openSUSE-SU-2026:20901-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20901-1 advisory. This update for postgresql18 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema...
Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7461-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7461-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
CVE-2026-47166
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versio...
CVE-2026-47165
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge–response authentication model. This has been changed in versions 6.9.13-48 an...
MAL-2026-5516 Malicious code in tailwind-animator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9a1b7c3c3877a14abbea0abc4ee53a2d5d7207f7932141f428235c069285c0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-48855
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...
Malicious code in @validate-sdk/v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e93b483fd9338717a984d2e695d44a5497cb4b2d1a91c0eabc160fbc6d6cd7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-29114
A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain...
CVE-2025-66280
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...
GHSA-9V76-4QCC-FRGH vulnerabilities
Vulnerabilities for packages: dotnet-bootstrap...
CVE-2026-11645 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-X2HH-W9MW-3VQ2 vulnerabilities
Vulnerabilities for packages: chromium...