216 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021654)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021654 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
Advisory ROSA-SA-2026-3271
Software: open-vm-tools 12.5.2 OS: ROSA-CHROME unaffected versions = open-vm-tools-12.5.2-1 affected versions open-vm-tools-12.5.2-1 CVE-ID: CVE-2025-22247 BDU-ID: 2025-05681 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the VMware Tools suite of utilities is related to incorrectly identifying a...
Linux Distros Unpatched Vulnerability : CVE-2026-43372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: microchip: Fix error path in PTP IRQ setup If requestthreadedirq fails during the PTP message IRQ setup, the newly created IRQ mapping is never...
CVE-2026-41423
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.21, 20.3.19, 21.2.9, and 22.0.0-next.8, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server due to improper...
USN-8251-1 libpng1.6 vulnerabilities
It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute...
多款D-Link产品访问控制错误漏洞
D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have a vulnerability related to access control,...
CVE-2026-33192 free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with an empty supi path parameter...
CVE-2026-31963 HTSlib CRAM reader has heap buffer overflow due to improper validation of input
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it...
WordPress plugin User Registration & Membership 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : DjVuLibre vulnerabilities (USN-8054-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8054-1 advisory. It was discovered that DjVuLibre could be forced to execute a division by zero in certain instances. A...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1404)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1404 advisory. Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using th...
curl: MQTT Protocol Packet Injection via Unchecked CONNACK Remaining Length
I'm not sure if this is a vulnerability or intended behavior, but I noticed that curl MQTT implementation accepts CONNACK packets with Remaining Length values greater than 2, which appears to violate the MQTT v3.1.1 specification. According to the MQTT spec, CONNACK packets should have a Remainin...
Cisco Secure Firewall Threat Defense和Cisco UTD SNORT IPS Engine Software 信息泄露漏洞
Cisco Secure Firewall Threat Defense and Cisco UTD SNORT IPS Engine Software are both products of Cisco, Inc.Cisco Secure Firewall Threat Defense is an integrated firewall platform. Cisco UTD SNORT IPS Engine Software is an intrusion detection and defense engine. An information disclosure...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper memory handling and result in an unexpected process crash...
CVE-2025-66118 WordPress Sprout Clients plugin <= 3.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Sprout Clients sprout-clients allows Reflected XSS.This issue affects Sprout Clients: from n/a through = 3.2.1...
SUSE CVE-2025-66287
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
Huawei HarmonyOS package management module data handling error vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling error vulnerability exists in the Huawei HarmonyOS package management module, which can be exploited by attackers to affect availability...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling error vulnerability exists in the Huawei HarmonyOS package management module, which can be exploited by attackers to affect availability...
EUVD-2020-2530
Malware in sbrugna...
EUVD-2020-24450
Malware in sbrugna...