CVE-2026-56077

CVE-2026-56077 concerns PraisonAI before 1.5.115, where an information disclosure vulnerability exists in the MultiAgentLedger component. The root cause is failure to enforce unique agent IDs during registration, enabling attackers to share ledger instances and access sensitive data including sys...

PT-2026-50808

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.115 Description An information disclosure issue exists in the MultiAgentLedger component. The system fails to enforce the uniqueness of agent IDs, allowing attackers to register agents with duplicate IDs. This...

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

CVE-2026-8358

CVE-2026-8358 affects LibreOffice Calc during import of tracked changes. A heap buffer overflow occurs when a document reuses the same change identifier for two different kinds of changes; the importer may treat one change object as a larger type and write past the end of its allocation. The vuln...

EUVD-2026-36740

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

PT-2026-49268

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly linking new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when their refcount was 1. On the other hand, createflowhandle attempts to find and...

CVE-2026-20895

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

keylime security update

7.12.1-16 - CVE-2026-1709: Registrar authentication bypass 7.12.1-15 - Registrar allows identity takeover via duplicate UUID registration 7.12.1-14 - Properly fix malformed TPM certificates workaround 7.12.1-13 - Avoid opening /dev/stdout when printing 7.12.1-12 - Fix malformed TPM certificates...

keylime security update

7.12.1-11.3 - Registrar allows identity takeover via duplicate UUID registration Resolves: RHEL-130760 7.12.1-11.2 - Properly fix the malformed certificate workaround Resolves: RHEL-111244...

Security update for keylime (critical)

openSUSE security update: security update for keylime ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20159-1 Rating: critical References: bsc1237153 bsc1254199 Cross-References: CVE-2025-1057 CVE-2025-13609 CVSS scores: CVE-2025-13609 SUSE : 9...

Linux Distros Unpatched Vulnerability : CVE-2024-4227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID...

UBUNTU-CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

Genivia gSOAP 安全漏洞

Genivia gSOAP is a C/C++ software development kit with automatic coding from Genivia, Inc. A security vulnerability exists in Genivia gSOAP, which originates from a denial of service due to a high CPU load caused by an unauthenticated, remote attacker forcing the parsing of XML with duplicate ID...

Gallagher Controller 6000和Gallagher Controller 7000 安全漏洞

The Gallagher Controller 6000 and Gallagher Controller 7000 are both products of Gallagher New Zealand.The Gallagher Controller 6000 is an interface between a Gallagher Command Center server and distributed field hardware. The Gallagher Controller 7000 is a powerful network connected controller. ...

OESA-2023-1680 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

PT-2022-14154 · Linux Mint +1 · Linuxmint +1

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific issue. It appears to be related to the management of vulnerability identifiers, indicating that one...

CVE-2021-3436

BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions = 1.14.2, = 2.4.0, = 2.5.0 contain Use of Multiple Resources with Duplicate Identifier CWE-694. For more information, see...

UBUNTU-CVE-2014-9872

The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28750155 and Qualcomm internal bug CR590721...