51 matches found
EUVD-2022-3359
Malicious code in bioql PyPI...
EUVD-2025-5980
Malicious code in bioql PyPI...
EUVD-2024-0625
Malicious code in bioql PyPI...
EUVD-2025-29406
Malicious code in bioql PyPI...
dbgpt-app (=0.8.0rc1), dbgpt-client (>=0.7.0 <=0.8.0rc1) +2 more potentially affected by CVE-2025-6772 via dbgpt (=0.8.0)
dbgpt PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbgpt and may be impacted: - dbgpt-app =0.8.0rc1 - dbgpt-client =0.7.0, =0.7.0, =0.8.0, =0.8.0rc1 Source cves: CVE-2025-6772 Source advisory: SNYK:PYTHON-DBGPT-10562212...
CVE-2025-38033 x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88
In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88 Calling core::fmt::write from Rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...
CVE-2025-40912
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362...
Perl CryptX security vulnerability
Perl CryptX is a versatile, powerful, high-performance open-source cryptographic toolkit for Perl. A security vulnerability exists in Perl CryptX versions prior to 0.087, which stems from an integer overflow problem in a dependency library...
Debian dla-4106 : jetty9 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4106 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4106-2 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4106-2] jetty9 regression update
Debian LTS Advisory DLA-4106-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 05, 2025 https://wiki.debian.org/LTS Package : jetty9 Version : 9.4.57-0+deb11u2 The security update DLA-4106-1 for jetty9 incorrectly required an unavailable dependency on...
JVN#39026557: Multiple vulnerabilities in PowerCMS
PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities listed below. Injection CWE-74 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2025-29993 The product improperly processes HTTP headers. Dependency on vulnerable third-party component CWE-1395 jQuery Validation...
CVE-2025-27607 Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
CVE-2024-56744
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason syzbot reports deadlock issue of f2fs as below: ====================================================== WARNING: possible circular locking dependency detected...
CVE-2024-56744
Technical details for CVE-2024-56744 are not publicly provided in the supplied documents; no affected products or fixes are confirmed here. Monitor for updates from kernel advisories or vendor bulletins.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gradle (SUSE-SU-2024:3163-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3163-1 advisory. - CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location...
SUSE-SU-2024:3163-1 Security update for gradle
This update for gradle fixes the following issues: - CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location. bsc1212930...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), affinda (>=0.1.12 <=1.2.0) +104 more potentially affected by CVE-2024-35255 via azure-identity (>=1.0.1 <=1.16.0)
azure-identity PYPI version =1.0.1, =1.0.0, =0.1.12, =0.0.2, =1.1.89, =0.1.0b1, =0.21.2111.177147b1, =0.1.5, =1.0.0, =1.37.0, =1.0.0.124727, =0.0.7, =0.7.16, =0.6.23, =0.16.0, =0.0.8, =0.0.34 and more Source cves: CVE-2024-35255 Source advisory: OSV:GHSA-M5VV-6R4H-3VJ9...
CVE-2022-48658
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flush_cpu_slab/__free_slab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flush_cpu_slab invocations __free_slab invocations out of IRQ context" moved all flush_cpu_slab invocations to the global workqueue to...