RLSA-2026:9693 Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...

[SECURITY] [DSA 6282-1] rsync security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6282-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 20, 2026 https://www.debian.org/security/faq -...

CVE-2026-25161

Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application contains path traversal vulnerability in multiple file operation handlers. An authenticated attacker can bypass directory-level authorisation by injecting traversal...

Alist vulnerable to Path Traversal in multiple file operation handlers

Summary The application contains a Path Traversal vulnerability CWE-22 in multiple file operation handlers. An authenticated attacker can bypass directory-level authorisation by injecting traversal sequences into filename components, enabling unauthorised file removal, movement and copying across...

CVE-2026-23851

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...

CVE-2010-0537

DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain circumstances involving an application's save panel, which allows user-assisted remote attackers to trigger unintended remote file copying via a crafted share name...

CVE-2024-34600

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage...

EUVD-2019-7836

Malware in sbrugna...

EUVD-2010-0568

Malware in sbrugna...

EUVD-2019-2944

Malware in sbrugna...

EUVD-2020-26950

Malware in sbrugna...

EUVD-2005-1722

Malware in sbrugna...

EUVD-2019-18373

Malware in sbrugna...

EUVD-2021-13407

Malware in sbrugna...

EUVD-2002-0765

Malware in sbrugna...

EUVD-2014-1591

Malware in sbrugna...

EUVD-2021-2286

Malware in sbrugna...

EUVD-2022-1344

Malicious code in bioql PyPI...

EUVD-2024-43262

Malicious code in bioql PyPI...

WordPress plugin WP Webhooks 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...