CVE-2026-48860 Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

PT-2026-48467

Name of the Vulnerable Software and Affected Versions Erlang/OTP versions 26.0 through 29.0.1 Erlang/OTP version 28.5.0.1 and earlier Erlang/OTP version 27.3.4.12 and earlier ssl versions 11.0 through 11.7.1 ssl version 11.6.0.1 and earlier ssl version 11.2.12.8 and earlier Description An issue i...

Security update for distribution

This update for distribution rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15...

CVE-2026-41888

creationtimestamp| type| source ---|---|--- 2026-05-01 14:27:56+00:00| published-proof-of-concept| https://github.com/distribution/distribution/security/advisories/GHSA-6pjf-3r9x-m592...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the readParticipantGenericMessage function when DDS Security is enabled. An attacker can cause the process to terminate remotely by sending specially crafted messages that trigger excessive memory allocation durin...

CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

EUVD-2024-50481

Malicious code in bioql PyPI...

CVE-2025-2443

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

Linux Distros Unpatched Vulnerability : CVE-2024-35897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook...

Linux Distros Unpatched Vulnerability : CVE-2020-6630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gfisomgetmediadatasize in isomedia/isomread.c. CVE-2020-6630...

Linux Distros Unpatched Vulnerability : CVE-2022-49100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtioconsole: eliminate anonymous moduleinit & moduleexit Eliminate anonymous moduleinit and moduleexit, which can lead to confusion or ambiguity when reading...

Linux Distros Unpatched Vulnerability : CVE-2024-43892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 mm: memcontrol: fix...

Linux Distros Unpatched Vulnerability : CVE-2024-40724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted fi...

[SECURITY] [DSA 5799-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5799-1 [email protected] https://www.debian.org/security/ Andres Salomon October 28, 2024 https://www.debian.org/security/faq -...

OPENSUSE-SU-2020:1433-1 Security update for docker-distribution

This update for docker-distribution fixes the following issues: - Enable build on %arm which include armv6, not only on armv7 - Enable ppc64le - Use correct URL to project - Remove fillup, we don't ship a sysconfig file - Correct systemd requires - Enable build on ARM - Upgraded to 2.7.1 - Suppor...

SafeText - Script To Remove Homoglyphs And Zero-Width Characters To Allow For Safe Distribution Of Documents From Anonymous Sources

Tool to sanitize text to allow for safe distribution of documents from anonymous sources by removing zero-width characters and homoglpyhs. Individuals attempting to leak an email or other text file face the risk of identification through fingerprinting. Fingerprinting often occurs when the origin...

[SECURITY] [DSA 517-1] New CVS packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 517-1 [email protected] http://www.debian.org/security/ Martin Schulze June 10th, 2004 http://www.debian.org/security/faq -...