CVE-2026-29133

SEPPmail Secure Email Gateway (before v15.0.3) allows an attacker to upload PGP keys whose UIDs do not match the recipient email address, enabling potential impersonation or confusion in key-management workflows. The CVE-2026-29133 entry confirms the affected product and condition; CVSS 4.0 vecto...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001786 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

UBUNTU-CVE-2023-53540

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later...

CVE-2023-53540

CVE-2023-53540 covers a Linux kernel wifi issue in cfg80211 where a station will reject auth/assoc to an AP if the AP uses the station’s own address as MLD address or BSSID. The advisory states this should be rejected to avoid a later failure, with impact described as a high availability risk but...

CVE-2024-53269 Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy Eyeballs sorting algorithm will crash in data plane. This issue has been addressed in releases 1.32.2, 1.31.4, and 1.30.8. Users are advised to upgrade. Users unable to...

Potential Risk of Accidentally Minting Tokens to Incorrect Accounts

Lines of code Vulnerability details Impact 1. the Intended recipient of the tokens might not receive them, which could lead to a loss of funds or a delay in the intended use of the tokens 2. incorrect account holder could receive the tokens by mistake, leading to a discrepancy in the total token...

Incorrect use of msg.sender in isApprovedForAll function causes issues

Lines of code Vulnerability details Impact the function isApprovedForAlladdress owner, address operator is using msg.sender as the address of the user instead of the address that is passed as the owner parameter, this might cause some issues on the code. --- The text was updated successfully, but...

rbData.toCollateral address can be different than the token address set in swapData.dexTxData.

Lines of code Vulnerability details Impact rbData.toCollateral address can be different than the token address set in swapData.dexTxData. A manager can supply toCollateral address of the collateral within the contract but supply a different address in swapParams.dexTxData such that the contract...

updateProjectHash does not check project address

Lines of code Vulnerability details In Project.sol, function updateProjectHash L162, data which is signed by builder and/or contractor does not contain a reference to the project address. In all other external functions of Project.sol, data contains the address of the project, used in this check:...

DEBIAN-CVE-2021-40491

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl...