26 matches found
GHSA-H383-GMXW-35V2 Apache Log4j 1 to Log4j 2 bridge: silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters
The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...
CVE-2026-34479
The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...
CVE-2026-40023 Apache Log4cxx, Apache Log4cxx (Conan), Apache Log4cxx (Brew): Silent log event loss in XMLLayout due to unescaped XML 1.0 forbidden characters
Apache Log4cxx's XMLLayout (https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html), in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification (https://www.w3.org/TR/xml/charsets) in log messages, NDC, and MDC property keys and values, producin...
RHEL 7 : kernel (RHSA-2026:3685)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3685 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruptio...
CVE-2025-40254
CVE-2025-40254 targets the Linux kernel openvswitch nsh field handling. The issue stems from incorrect validation of set(nsh(...)) due to a mismatched memory layout and confusing mask vs value flags, which can cause kernel NULL pointer dereferences or crashes during validation. The advisory notes...
EUVD-2012-5044
Malware in sbrugna...
EUVD-2021-1687
Malware in sbrugna...
EUVD-2012-0219
Malware in sbrugna...
EUVD-2015-2778
Malware in sbrugna...
EUVD-2011-1197
Malware in sbrugna...
EUVD-2017-14576
Malware in sbrugna...
EUVD-2022-44028
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-54812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HT...
NewStart CGSL MAIN 7.02 : libmicrohttpd Vulnerability (NS-SA-2025-0091)
The remote NewStart CGSL host, running version MAIN 7.02, has libmicrohttpd packages installed that are affected by a vulnerability: - GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c...
CVE-2025-22069 riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler
In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler. Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftrace_stress_test.sh in riscv. We can reproduce the sam...
firefox: thunderbird: Use-after-free in layout with accessibility
The Mozilla Foundation's Security Advisory: An attacker could cause a use-after-free when accessibility is enabled, leading to a potentially exploitable crash...
firefox: thunderbird: Use-after-free in layout with accessibility
The Mozilla Foundation's Security Advisory: An attacker could cause a use-after-free when accessibility is enabled, leading to a potentially exploitable crash...
Keyboard layout sync failures due to Microsoft API limitation
Symptom 1: In a Windows Server VDA session, the keyboard layout might not sync with the client keyboard layout when launching a session with the "Sync only once - when the session launches" option in the Citrix Workspace App (Windows/Linux/Mac) keyboard setting. Symptom 2: In a Windows 10/11, Windows Server...
When connected to Windows welcome/lock screen, the keyboard layout will revert to the system default
When presented with the Windows welcome/lock screen, the keyboard layout will revert to the system default layout of the VDA on windows station. This is particularly problematic when changing passwords...
Description of the Microsoft Office 2008 for Mac 12.1.3 Update
Describes the changes that the Office 2008 for Mac 12.1.3 Update makes to Office 2008 for Mac programs. INTRODUCTION: Microsoft has released security bulletin MS08-057. This security bulletin contains all the relevant information about the security updates for Microsoft Office 2008 for Mac. To view...