63 matches found
CVE-2026-40966
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
GHSA-4W7R-3222-8H6V Tillitis TKey Client has an Error in Protocol Implementation
Impact: Some specific (1 out of 256) User Supplied Secrets (USS) were not used, making the resulting Compound Device Identifier (CDI) the same as if no USS was provided. Affected client applications: all client apps using the tkeyclient Go module. Patches: Upgrade to v1.3.0. NOTE WELL: For the affected e...
EUVD-2017-12331
Malware in sbrugna...
EUVD-2017-16800
Malware in sbrugna...
EUVD-2017-18871
Malware in sbrugna...
EUVD-2020-7664
Malware in sbrugna...
EUVD-2025-9734
Malicious code in bioql PyPI...
EUVD-2024-23548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-23537
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...
Linux Distros Unpatched Vulnerability : CVE-2019-11692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable...
Linux Distros Unpatched Vulnerability : CVE-2020-6807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a device was changed while a stream was about to be destroyed, the stream-reinit task may have been executed after the stream was destroyed, causing a...
Fedora: Security Advisory (FEDORA-2024-b73f521265)
The remote host is missing an update for the...
CVE-2020-5616
Calendar01, Calendar02, PKOBO-News01, PKOBO-vote01, Telop01, Gallery01, CalendarForm01, and Link01 Calendar01 free edition ver1.0.0, Calendar02 free edition ver1.0.0, PKOBO-News01 free edition ver1.0.3 and earlier, PKOBO-vote01 free edition ver1.0.1 and earlier, Telop01 free edition ver1.0.0,...
ch.admin.bit.jeap:jeap-messaging-avro-maven-plugin (>=8.31.0 <=8.50.0), ch.admin.bit.jeap:jeap-messaging-registry-maven-plugin (>=8.31.0 <=8.50.0) +166 more potentially affected by CVE-2025-4949 via org.eclipse.jgit:org.eclipse.jgit (=7.2.0.202503040940-r)
org.eclipse.jgit:org.eclipse.jgit MAVEN version =7.2.0.202503040940-r is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.jgit:org.eclipse.jgit and may be impacted: - ch.admin.bit.jeap:jeap-messaging-avro-maven-plugin =8.31.0, =8.31.0, =2.59.0,...
CVE-2025-31115
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...
Linux Distros Unpatched Vulnerability : CVE-2024-38809
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that parse ETags from If-Match or If-None-Match request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the...
Linux Distros Unpatched Vulnerability : CVE-2017-5445
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability while parsing application/http-index-format format content where uninitialized values are used to create an array. This could allow the reading ...
Linux Distros Unpatched Vulnerability : CVE-2017-5465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read while processing SVG content in ConvolvePixel. This results in a crash and also allows for otherwise inaccessible memory being copied into...
CVE-2024-32636
A vulnerability has been identified in JT2Go All versions V2312.0005, Teamcenter Visualization V14.2 All versions V14.2.0.12, Teamcenter Visualization V14.3 All versions V14.3.0.10, Teamcenter Visualization V2312 All versions V2312.0005. The affected applications contain an out of bounds read pas...
CVE-2024-37997
A vulnerability has been identified in JT Open All versions V11.5, JT2Go All versions V2406.0003, PLM XML SDK All versions V7.1.0.014, Teamcenter Visualization V14.2 All versions V14.2.0.13, Teamcenter Visualization V14.3 All versions V14.3.0.11, Teamcenter Visualization V2312 All versions...