ALSA-2026:3842 Moderate: delve security update

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...

Copeland多款产品 操作系统命令注入漏洞

The Copeland XWEB 500D PRO and Copeland XWEB 500B PRO are advanced commercial and industrial refrigeration monitoring and management systems from the American company Copeland. Several products of Copeland have vulnerabilities related to operating system command injection. This vulnerability stem...

PT-2026-21555

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache WordPress plugin versions prior to 3.0.5 Description The Aruba HiSpeed Cache WordPress plugin is susceptible to a cross-site request forgery CSRF issue impacting several administrative AJAX actions. Specifically, the ahsc...

CVE-2026-26959

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below fail to validate the integrity or authenticity of the ADB binary path specified in the ManualAdbPath setting before executing it, allowing arbitrary code execution with the privileges of the current user. An attacker can...

CVE-2026-23219

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

AMD多款产品 安全漏洞

AMD Ryzen and AMD Radeon are both products of American semiconductor company AMD. AMD Ryzen is a type of Central Processing Unit CPU. AMD Radeon is a set of device drivers and utility software for Advanced Micro Devices’ graphics cards and GPUs. Several AMD products have security vulnerabilities;...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper access control of on-chip debugging interfaces. This could allow privileged attackers to enable the debugging interfaces and...

[SECURITY] Fedora 42 Update: tbtools-0.7.0-2.fc42

This is a collection of tools for Linux Thunderbolt/USB4 development, debuggi ng and validation but may be useful to others as well...

[SECURITY] Fedora 43 Update: tbtools-0.7.0-2.fc43

This is a collection of tools for Linux Thunderbolt/USB4 development, debuggi ng and validation but may be useful to others as well...

neopythonlogger

chrome-privless-encryption A PoC demonstrating how to bypass...

mtkclient

🚀 mtkclient - Easily Flash and Repair Mediatek Devices !Dow...

MAL-2026-595 Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

MAL-2026-593 Malicious code in pypi-package-explore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37 Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

Malicious code in pypi-package-explore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37 Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

This Week in Spring - January 27th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast ,...

This Week in Spring - January 26th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast ,...

[SECURITY] Fedora 42 Update: libpcap-1.10.6-1.fc42

Libpcap provides a portable framework for low-level network monitoring. Libpcap can provide network statistics collection, security monitoring and network debugging. Since almost every system vendor provides a different interface for packet capture, the libpcap authors created this...

MiracleLinux 8 : gdb-8.2-11.el8 (AXSA:2020-788:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-788:03 advisory. gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution CVE-2019-1010180 Tenable has extracted the...

CVE-2025-71102 scs: fix a wrong parameter in __scs_magic

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...