CVE-2026-34907

Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting XSS due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim opens the link, the...

EUVD-2022-43982

Malicious code in bioql PyPI...

AWS VDP: Amazon Comprehend Medical Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints

The Comprehend Medical service was found to have 8 API endpoints that incorrectly reported the user-agent and network information as "AWS Internal" in CloudTrail event logs. This behavior was observed specifically for FIPS endpoints, which may have been an intentional design decision. The...

DEBIAN-CVE-2022-48836

In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usbsubmiturb which is caused by wrong endpoint type. There was a check for the number of endpoints, but not for the type of endpoint. Fix it by replacing old...

CVE-2020-11608

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511modeinitregs and ov518modeinitregs when there are zero endpoints, aka CID-998912346c0d...