EUVD-2024-27460

Malicious code in bioql PyPI...

CVE-2025-43203

The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...

CVE-2025-36082

IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally which can be read by another user on the system...

Security Bulletin: Publicly disclosed libcurl vulnerabilities affects IBM Safer Payments (CVE-2024-9681)

Summary Libcurl is used by IBM Safer Payments as part of the AVRO support for Kafka. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-9681 DESCRIPTION: When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making ...

libsoup 安全漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from SoupCache ignoring HTTP Vary headers, which could lead to the disclosure of sensitive user information...

Linux Distros Unpatched Vulnerability : CVE-2022-26363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86 pv: Insufficient care with non-coherent mappings This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

Linux Distros Unpatched Vulnerability : CVE-2024-33601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's nscd netgroup cache uses xmalloc or xrealloc and these...

Azure Linux 3.0 Security Update: glibc (CVE-2024-33599)

The version of glibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-33599 advisory. - nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache ...

SUSE-SU-2025:02126-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50127: net: sched: fix use-after-free in tapriochange bsc1232908. - CVE-2024-50279...

CVE-2025-24791

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...

CVE-2021-24027

A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material...

CVE-2021-23997

Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...

CVE-2020-2286

Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration...

CVE-2002-1977

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase...

CVE-2025-47277 vLLM Allows Remote Code Execution via PyNcclPipe Communication Service

vLLM, an inference and serving engine for large language models LLMs, has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the PyNcclPipe KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of...

CVE-2025-4374 Quay: incorrect privilege assignment

A flaw was found in Quay. When an organization acts as a proxy cache, and a user or robot pulls an image that hasn't been mirrored yet, they are granted "Admin" permissions on the newly created repository...

PT-2025-19956 · Quay · Quay

Name of the Vulnerable Software and Affected Versions: Quay affected versions not specified Description: A flaw was found in Quay where an organization acting as a proxy cache grants "Admin" permissions on a newly created repository when a user or robot pulls an image that hasn't been mirrored ye...

CVE-2025-22018 atm: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is NULL...

PT-2025-15757 · Xgrammar · Xgrammar

Name of the Vulnerable Software and Affected Versions: XGrammar versions prior to 0.1.18 Description: The issue concerns an unbounded cache for compiled grammars in memory, which can be exploited to cause a denial of service by filling up a host's memory. This can occur when a system using XGramm...

macOS 13.x < 13.7.5 Multiple Vulnerabilities (122375)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.5. It is, therefore, affected by multiple vulnerabilities: - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3...