DEBIAN-CVE-2026-27144

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990081)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990081 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel...

EUVD-2019-0324

Malware in sbrugna...

EUVD-2024-41287

Malicious code in bioql PyPI...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses helpers-7.20.6.tgz which is vulnerable to CVE-2025-27789

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses helpers-7.20.6.tgz which is vulnerable to CVE-2025-27789. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses helpers-7.26.7.tgz which is vulnerable to CVE-2025-27789

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses helpers-7.26.7.tgz which is vulnerable to CVE-2025-27789. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for...

USN-7481-1 openjdk-lts vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 11 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 11 incorrectly handled compiler transformations. An...

Amazon Linux 2 : firefox (ALASFIREFOX-2025-036)

The version of firefox installed on the remote host is prior to 128.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-036 advisory. Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability...

DEBIAN-CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

USN-6812-1 openjdk-17 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. CVE-2024-21011 It was discovered that OpenJDK 17 incorrectly performed reverse DNS query...

PT-2023-27210 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper affected versions not specified Description: The Vyper compiler evaluates arguments from right to left instead of left to right for certain expressions, including unsafe add, unsafe sub, unsafe mul, unsafe div, pow mod256, |, &, ^ bitwi...

CVE-2023-30624

Wasmtime CVE-2023-30624 concerns an LLVM-level undefined behavior in per-instance state management (VMContext) of the Wasmtime runtime. The issue occurs in Wasmtime versions prior to 6.0.2, 7.0.1, and 8.0.1 and arises when unsafe code mutates VMContext data via methods using &self, which can lead...

Vyper 安全漏洞

Vyper is the Pythonic smart contract language for EVM. A security vulnerability exists in Vyper versions 0.3.1 through 0.3.7, which stems from the Vyper compiler generating incorrect bytecode...

Mozilla: Incorrect optimization result on ARM64

The Mozilla Foundation Security Advisory describes this flaw as: A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result...

SUSE CVE-2022-32923

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app...

SUSE-SU-2022:2961-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: - CVE-2022-31676: Fixed an issue that could allow unprivileged users inside a virtual machine to escalate privileges bsc1202657. Non-security fixes: - Update to 11.0.5 build 15389592 bsc1165955 DNS server is reported incorrectly in GuestIn...

SELinux Buffer Overflow Vulnerability

SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. A security vulnerability exists in SELinux version 3.2, which stems from a heap-based buffer overflow in the CIL compiler in...