7984 matches found

Redos
added 2026/01/29 12:00 a.m. | 5 views

ROS-20260129-73-0004

A vulnerability in the Samba networking software package is related to authorization errors. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

CVSS 4.3 | AI score 5.9 | EPSS 0.00535
Exploits: 1
CNNVD
added 2026/01/29 12:00 a.m. | 2 views

Kata Containers Code Issues and Vulnerabilities

Kata Containers is an open-source, lightweight virtual infrastructure building tool developed by the Kata Containers community. Versions of Kata Containers prior to 3.26.0 contained code vulnerabilities. These vulnerabilities stemmed from the backtracking of empty directories when handling...

CVSS 10 | AI score 5.9 | EPSS 0.00123
Exploits: 1 | References: 6
CNNVD
added 2026/01/29 12:00 a.m. | 1 view

Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.

Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. The versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were...

CVSS 5.3 | AI score 5.8 | EPSS 0.00068
Exploits: 1 | References: 6
Positive Technologies
added 2026/01/29 12:00 a.m. | 5 views

PT-2026-5325

A vulnerability was identified in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The impacted element is an unknown function of the file /hungry/addtocart of the component Add-to-Cart Submission Endpoint. The manipulation of the argument price/allprice leads to business log...

CVSS 5.3 | AI score 5.5 | EPSS 0.00068
Exploits: 1 | References: 6
Redos
added 2026/01/29 12:00 a.m. | 3 views

ROS-20260129-73-0019

Vulnerability in python-ldap related to errors in neutralizing special elements. Exploitation of the vulnerability may allow an attacker to escalate privileges...

CVSS 6.9 | AI score 5.9 | EPSS 0.00039
Exploits: 1
CNNVD
added 2026/01/29 12:00 a.m. | 1 view

Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.

Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. Versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were cause...

CVSS 5.3 | AI score 5.8 | EPSS 0.00019
Exploits: 1 | References: 6
EUVD
added 2026/01/28 8:25 p.m. | 3 views

EUVD-2026-4873

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters (notably =) as “special” when escaping arguments on Windows. When PHP i...

CVSS 6.3 | AI score 5.8 | EPSS 0.00012
Exploits: 1 | References: 5
Cvelist
added 2026/01/28 12:00 p.m. | 24 views

CVE-2025-59900 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting (XSS) vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

CVSS 5.1 | EPSS 0.00016
Exploits: 0 | References: 1
CVE
added 2026/01/28 12:00 p.m. | 5 views

CVE-2025-59900

CVE-2025-59900 describes a persistent authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. Root cause: insufficient validation of user input in the request path related to server options, specifically in “/server_opti...

CVSS 5.4 | AI score 5.9 | EPSS 0.00016
Exploits: 0 | References: 1 | Affected Software: 2
RedhatCVE
added 2026/01/28 9:17 a.m. | 3 views

CVE-2026-24809

An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVSS 6.9 | AI score 5.8 | EPSS 0.00027
Exploits: 0 | References: 1
OSV
added 2026/01/28 9:07 a.m. | 4 views

RLSA-2026:1409 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping (CVE-2025-1735); php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix (CVE-2025-6491); php: PHP Hostname Nul...

CVSS 7.5 | AI score 6.1 | EPSS 0.00772
Exploits: 6 | References: 7
RedHat Linux
added 2026/01/28 8:32 a.m. | 0 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics component...

CVSS 9.8 | AI score 5.7 | EPSS 0.00031
Exploits: 0 | References: 6
Redos
added 2026/01/28 12:00 a.m. | 3 views

ROS-20260128-73-0024

A vulnerability in the hci_init_stage_sync function of the Linux operating system kernel is related to read errors outside buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 7.1 | AI score 6.1 | EPSS 0.00052
Exploits: 0
CNNVD
added 2026/01/28 12:00 a.m. | 2 views

Oneflow security vulnerabilities

Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability, which stems from floating-point exceptions in the oneflow.view component, potentially leading to denial-of-service attacks...

CVSS 6.5 | AI score 5.8 | EPSS 0.00145
Exploits: 1 | References: 2
RedHat Linux
added 2026/01/27 5:10 p.m. | 0 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics component...

CVSS 9.8 | AI score 5.7 | EPSS 0.00031
Exploits: 0 | References: 6
UbuntuCve
added 2026/01/27 2:15 p.m. | 3 views

CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

CVSS 4.2 | AI score 5.9 | EPSS 0.00019
Exploits: 1 | References: 3
OSV
added 2026/01/27 9:15 a.m. | 3 views

AZL-75521 CVE-2026-24809 affecting package memcached for versions less than 1.6.22-3

An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVSS 6.9 | AI score 5.7 | EPSS 0.00027
Exploits: 0 | References: 1
Cvelist
added 2026/01/27 8:46 a.m. | 25 views

CVE-2026-24809 Save stack space while handling errors in praydog/REFramework

An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVSS 6.9 | EPSS 0.00027
Exploits: 0 | References: 1
CVE
added 2026/01/27 8:46 a.m. | 7 views

CVE-2026-24809

CVE-2026-24809 concerns the REFramework code path in praydog/REFramework (luaG_runerror in lua/src/ldebug.c). It yields a heap-buffer overflow on a recursive error when using versions before 1.5.5. Connected advisories indicate: - ntopng: patched in 5.2.1-4 or later. - memcached: patched in 1.6.2...

CVSS 6.9 | AI score 5.8 | EPSS 0.00027
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/27 8:46 a.m. | 2 views

CVE-2026-24809 Save stack space while handling errors in praydog/REFramework

An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

CVSS 6.9 | AI score 5.8 | EPSS 0.00027
Exploits: 0 | References: 1