backpack/crud is vulnerable to Cross-Site Scripting (XSS)
Impact: It’s a “moderate” vulnerability… but being an admin panel, take this seriously. It’s difficult… but an attacker could conduct a targeted phishing campaign in order to trick your users or admins into clicking a malicious link, which under very specific circumstances could give them information...
EUVD-2025-2611
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-2557
Software: giflib 4.1.6 OS: rosa-server79 packageevrstring: giflib-4.1.6-9.0.1.1.res7 CVE-ID: CVE-2023-48161 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Buffer Overflow vulnerability in GifLib allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function. CVE-STATUS: The...
PDF24 Creator Security Vulnerability
PDF24 Creator is a completely free and useful PDF toolkit from PDF24 Open Source that makes it easy to create, edit and convert PDF files. A security vulnerability exists in PDF24 Creator version 11.14.0, which stems from the discovery that the configuration of the msi installer file generates a...
Advisory ROSA-SA-2023-2199
Software: aspell 0.60.6.1 OS: ROSA Virtualization 2.1 packageevrstring: aspell-0.60.6.1.1-21.rv3.1.src.rpm CVE-ID: CVE-2019-17544 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp...
MGASA-2022-0248 Updated ruby-git packages fix security vulnerability
Command Injection via git argument injection CVE-2022-25648...
UVI-2021-1001811 xhci: Fix command ring pointer corruption while aborting a command
This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.213 by commit...
Security update for kconfig, kdelibs4 (important)
openSUSE Security Update: Security update for kconfig, kdelibs4 Announcement ID: openSUSE-SU-2019:1851-2 Rating: important References: 1144600 Cross-References: CVE-2019-14744 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: Th...