CVE-2025-33130

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack...

CVE-2025-66614

Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Older EOL...

CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-11

CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-11. A patched version of the package is available...

CVE-2026-1094 vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-rails-ce-fips, gitlab-runner, gitlab-pages-fips...

ROS-20260216-73-0016

Vulnerability in gpac related to incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260216-73-0017

Vulnerability in gpac related to incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260216-73-0010

Vulnerability in wireshark related to execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-69421 affecting package hvloader for versions less than 1.0.1-17

CVE-2025-69421 affecting package hvloader for versions less than 1.0.1-17. A patched version of the package is available...

GHSA-4MH3-H929-W968 vulnerabilities

Vulnerabilities for packages: filebrowser...

GHSA-V34V-RQ6J-CJ6P vulnerabilities

Vulnerabilities for packages: langfuse...

[SECURITY] Fedora 43 Update: mingw-expat-2.7.4-1.fc43

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

CVE-2026-23194

In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...

CVE-2026-23150

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...

CVE-2026-26269

Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans feature. The Stack buffer overflow exists in specialkeys in...

CVE-2025-40905

WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...

USN-8036-1: HAProxy vulnerability

Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to crash, resulting in a denial of service...

CVE-2026-25994

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames...

CVE-2026-2323

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-2323

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...