[SECURITY] Fedora 43 Update: rust-sevctl-0.6.2-7.fc43

Administrative utility for AMD SEV...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds via the NGSetupRequest function in the ngap/handler.go file when processing the InformationElement argument. An attacker can cause memory corruption by sending specially crafted requests remotely. Remediation Upgrade...

CVE-2026-8773

A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of the component Database Setting Handler. The manipulation of the argument...

DataEase 注入漏洞

DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in operations. Version 2.10.20 of DataEase contains a injection vulnerability. This...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2024-36333

CVE-2024-36333 is a DLL hijacking vulnerability in the AMD Cleanup Utility that could enable privilege escalation with potential arbitrary code execution. Affected: AMD Cleanup Utility. Root cause: DLL search order hijack leading to code execution with high impact on confidentiality/integrity/ava...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

EUVD-2024-55590

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

MAL-2026-3768 Malicious code in npmjs_web3-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 263a0126b20b1d58bc0528a4b7bea19027b94383e00b5b9f03b712d96be89ca7 The package's postinstall lifecycle hook downloads a script from a personal GitHub Gist...

EUVD-2026-29991

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-40703

A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop through insufficient validation and missing safety mechanisms during symlink resolution. An attacker can cause infinite loops and resource exhaustion by providing crafted or malformed input that triggers uncontrolled...

CVE-2026-39455

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...

CVE-2026-39455 BIG-IP Configuration utility vulnerability

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...