36948 matches found
PT-2026-23425
Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-23423
Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability...
OPENSUSE-SU-2026:10292-1 python311-Django-5.2.12-1.1 on GA media
These are all security issues fixed in the python311-Django-5.2.12-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10289-1 freetype2-devel-2.14.2-1.1 on GA media
These are all security issues fixed in the freetype2-devel-2.14.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10291-1 libsoup-2_4-1-2.74.3-18.1 on GA media
These are all security issues fixed in the libsoup-2_4-1-2.74.3-18.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-59787 HTTP 5XX Internal Server Errors
2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts...
OPENSUSE-SU-2026:10279-1 c3p0-0.12.0-1.1 on GA media
These are all security issues fixed in the c3p0-0.12.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10281-1 mchange-commons-0.4.0-1.1 on GA media
These are all security issues fixed in the mchange-commons-0.4.0-1.1 package on the GA media of openSUSE Tumbleweed...
ROS-20260304-73-0008
A vulnerability in the netsched component of the Linux operating system kernel is related to incorrect resource clearing or freeing. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...
ROS-20260304-73-0006
A vulnerability in the sk_is_readable function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability may allow a remote attacker to affect the availability of protected information...
OPENSUSE-SU-2026:10288-1 libblkid-devel-2.41.3-4.1 on GA media
These are all security issues fixed in the libblkid-devel-2.41.3-4.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10285-1 python311-pillow-heif-1.3.0-1.1 on GA media
These are all security issues fixed in the python311-pillow-heif-1.3.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10283-1 python313-Django6-6.0.3-1.1 on GA media
These are all security issues fixed in the python313-Django6-6.0.3-1.1 package on the GA media of openSUSE Tumbleweed...
GHSA-77HF-7FQF-F227 OpenClaw skills-install-download: tar.bz2 extraction bypassed archive safety parity checks (local DoS)
Summary: The tar.bz2 installer path in src/agents/skills-install-download.ts used shell tar preflight/extract logic that did not share the same hardening guarantees as the centralized archive extractor. This allowed crafted .tar.bz2 archives to bypass special-entry blocking and extracted-size...
GHSA-VPQ2-C234-7XJ6 @tootallnate/once vulnerable to Incorrect Control Flow Scoping
Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...
EUVD-2026-9278
Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...
CVE-2026-3449
Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...
@tootallnate/once security vulnerability
@tootallnate/once is a JavaScript library developed by individual developer Nathan Rajlich. Versions of @tootallnate/once prior to version 3.0.1 contained security vulnerabilities. These vulnerabilities stemmed from errors in the control flow scope when using the AbortSignal option. After the signal i...
malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability
Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...
CVE-2026-2584
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity (AC:L) and the absence o...