8706 matches found
ROS-20260317-73-0011
A vulnerability in the i2c_dw_xfer_init function of the drivers/i2c/busses/i2c-designware-master.c module of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory as a result of incorrect resource initialization. Exploitation of the vulnerability could...
EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2026-1485)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init function that handles PKCS11 token initialization...
EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2026-1393)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init function that handles PKCS11 token initialization. When a token...
ROS-20260313-73-0011
A vulnerability in the vmcitransportpacket function of the Linux operating system kernel is related to errors in variable initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
UBUNTU-CVE-2026-27940
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
CVE-2026-27940
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the gguf_init_from_file_impl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
EUVD-2026-7413
ImageMagick: Heap overflow in pcd decoder leads to out of bounds read...
SUSE CVE-2023-43637
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfoobarfoobarfo". This issue happens because "deriveVaultKey" calls "retrieveCloudKey" which will always return "foobarfoobarfoobarfoobarfoobarfo...
UBUNTU-CVE-2026-3994
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFile<mold::X86_64>::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
PT-2026-25036
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, by controlling the IniFile parameter, an attacker can force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code...
gnutls security update
3.8.3-10fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux Orabug: 35925409 3.8.3-10 - Fix PKCS11 token initialization label overflow CVE-2025-9820 - Fix name constraint processing performance issue...
Oracle Linux 9 : gnutls (ELSA-2026-4188)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4188 advisory. - Fix PKCS11 token initialization label overflow CVE-2025-9820 Tenable has extracted the preceding description block directly from the Oracle Linux...
EUVD-2026-11351
A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code...
CVE-2026-0940
A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code...
CVE-2026-0940
CVE-2026-0940 concerns an improper initialization vulnerability in the BIOS of some ThinkPads. It could let a local privileged user modify data and execute arbitrary code. Affected software/hardware: ThinkPad BIOS firmware (on affected ThinkPad models). Root cause: improper initialization. Impact...
CVE-2026-30235
OpenProject is an open-source, web-based project management software. Prior to 17.2.0, this vulnerability occurs due to improper validation of OpenProject’s Markdown rendering, specifically in the hyperlink handling. This allows an attacker to inject malicious hyperlink payloads that perform DOM...