11 matches found
CVE-2026-43268
A flaw was found in the HFS Plus (hfsplus) filesystem within the Linux kernel. This vulnerability occurs because the hfsplus filesystem incorrectly identifies certain special filesystem objects as regular files. This misclassification can lead to inconsistencies with how the operating system's...
Updated python-django packages fix security vulnerability
Potential incorrect permissions on newly created file system objects. CVE-2026-25674...
EUVD-2022-1669
Malicious code in bioql PyPI...
DEBIAN-CVE-2024-50121
In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net. In the normal case, when we execute echo 0 > /proc/fs/nfsd/threads, the function nfs4_state_destroy_net in nfs4_state_shutdown_net will release all resources related to...
Heap overflow
In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on the...
Exposure of Sensitive Information to an Unauthorized Actor Jenkins Script Security Plugin
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new File objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type...
Multiple F5 Products Input Validation Error Vulnerability
F5 BIG-IP and others are products of F5 Corporation in the U.S. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 Enterprise Manager is a tool that provides a view of the entire BIG-IP application...
CVE-2017-1000505
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new File objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type...
[SECURITY] Fedora 24 Update: tracker-1.8.2-1.fc24
Tracker is a powerful desktop-neutral first class object database, tag/metadata database, search tool and indexer. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata both embedded/harvested as well as user definable, a...
CVE-2000-1212
Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects...
CVE-2000-1212
CVE-2000-1212 concerns Zope 2.2.0–2.2.4, where a data updating method on Image and File objects is not properly protected. This flaw enables attackers with DTML editing privileges to modify the raw data of these objects. The vulnerability is rooted in insufficient access controls on a data update...