CVE-2026-0775

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

ROS-20260122-73-0009

Vulnerability in ceph related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

GHSA-9XFG-6WHQ-QVGM vulnerabilities

Vulnerabilities for packages: drupal...

GHSA-4X76-2J9H-Q9R9 vulnerabilities

Vulnerabilities for packages: redis...

GHSA-433R-68JW-R53J vulnerabilities

Vulnerabilities for packages: linux-gcp, linux-azure, linux-qemu, linux-aws, linux-vmware...

CVE-2020-36843 affecting package ed25519-java for versions less than 0.3.0-1

CVE-2020-36843 affecting package ed25519-java for versions less than 0.3.0-1. A patched version of the package is available...

wireshark: Access of Uninitialized Pointer in Wireshark

An uninitialized pointer access has been discovered in Wireshark. An attacker who can provide crafted input may be able to leverage this pointer access weakness to crash the application...

mariadb: MariaDB Server Crash

A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via improper handling of join operations in JOIN::fixallsplittingsinplan...

GHSA-G84X-MCQJ-X9QQ vulnerabilities

Vulnerabilities for packages: request-1276, py3-vllm-cuda-12.4, kserve, airflow, py3.13-scanner-test-libraries-aiohttp, authentik, apache-beam-python-3.11-sdk, gitlab-cng, dask-kubernetes, open-webui, awx, checkov, kubeflow-pipelines-visualization-server, py3-cassandra-medusa...

GHSA-7MVR-5X2G-WFC8 vulnerabilities

Vulnerabilities for packages: grafana...

GHSA-FMRF-GVJP-5J5G vulnerabilities

Vulnerabilities for packages: cilium...

GHSA-QJ89-GQXQ-9F84 vulnerabilities

Vulnerabilities for packages: mysql...

CVE-2025-54371 vulnerabilities

Vulnerabilities for packages: lerna, kubeflow-centraldashboard, saf...

GHSA-FP5R-V3W9-4333 vulnerabilities

Vulnerabilities for packages: druid...

CVE-2023-54218

In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk-skstamp in sockrecvcmsgs. KCSAN found a data race in sockrecvcmsgs where the read access to sk-skstamp needs READONCE. BUG: KCSAN: data-race in packetrecvmsg / packetrecvmsg write marked to...

CVE-2022-50824

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 table just to make sure the table is there, not used after the init, so the acpiputtable should be added to release the ACPI memory...

GHSA-X44P-GVRJ-PJ2R vulnerabilities

Vulnerabilities for packages: apache-nifi...

CVE-2025-68374

In the Linux kernel, the following vulnerability has been resolved: md: fix rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer 'thread', but directly passed the value when calling mdwakeupthread. This means that the RCU pointer has been acquired before rcureadlock,...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper memory handling and result in an unexpected process crash...

CVE-2025-68161 vulnerabilities

Vulnerabilities for packages: apache-tika, akhq, confluent-kafka, infinispan, spark, solr, logstash, neo4j, zipkin, opensearch, kserve-modelmesh, druid, wavefront-proxy, apache-activemq-artemis, apache-pulsar, celeborn, strimzi-kafka-operator, flink, kafka...