PT-2026-46599

Use after free in Base in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в 389-ds-base

A flaw has been discovered in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker who can view the screen or record the terminal’s standard error outpu...

Unity Linux 20.1060e / 20.1070e Security Update: qt5-qtbase (UTSA-2026-017636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017636 advisory. An out-of-bounds memory access in the generateDirectionalRuns function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a...

Astra Linux - уязвимость в 389-ds-base

In the 389-ds-base up to version 1.4.1.2, requests are processed by worker threads. Each socket is waited for by the worker for no more than ‘ioblocktimeout’ seconds. However, this timeout applies only to un-encrypted requests. Connections that use SSL/TLS do not take this timeout into account...

CVE-2026-39622 WordPress Education Base theme <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through = 3.0.8...

MiracleLinux 8 : qt5-qtbase-5.15.2-4.el8.ML.1 (AXSA:2022-3605:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3605:01 advisory. qt: out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke CVE-2021-38593 Tenable has extracted t...

Security Bulletin: Vulnerability in cipher-base affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in cipher-base has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

Fedora 42 : qt5-qtbase (2025-c50e4dfd3b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c50e4dfd3b advisory. Fix CVE-2025-5455 - QtCore Assertion Failure Denial of Service Tenable has extracted the preceding description block directly from the Fedora securi...

CVE-2025-60228

Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...

EUVD-2018-2919

Malware in sbrugna...

EUVD-2021-26948

Malware in sbrugna...

EUVD-2014-3002

Malware in sbrugna...

EUVD-2019-12663

Malware in sbrugna...

EUVD-2006-5358

Malware in sbrugna...

EUVD-2006-1509

Malware in sbrugna...

EUVD-2024-33521

Malicious code in bioql PyPI...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : cipher-base vulnerability (USN-7746-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7746-1 advisory. Nikita Skovoroda discovered that cipher-base did not properly manage certain inputs. An attacker could possibly use th...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287 Missing type checks leading to hash rewind and passing on crafted data

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

NewStart CGSL MAIN 7.02 : texlive-base Vulnerability (NS-SA-2025-0137)

The remote NewStart CGSL host, running version MAIN 7.02, has texlive-base packages installed that are affected by a vulnerability: - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua...