CVE-2026-24215

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend that could allow an attacker to cause uncontrolled resource consumption, potentially leading to denial of service. Affected: Triton Inference Server (DALI backend). CVSS from NVIDIA security bulletin shows CVSSv3.1 5.7 (M...

EUVD-2026-31053

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-24213

The CVE-2026-24213 entry concerns NVIDIA Triton Inference Server’s DALI backend, where an out-of-bounds read is possible due to a vulnerability in that backend. Affected component: DALI backend within Triton Inference Server. Reported impacts include code execution, data tampering, denial of serv...

EUVD-2026-31055

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or information disclosure...

RLSA-2026:19345 Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

gdk-pixbuf2 security update

An update is available for gdk-pixbuf2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gdk-pixbuf2 packages provide an image loading library that can be...

RockyLinux 9 : LibRaw (RLSA-2026:19345)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19345 advisory. LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based...

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2026-33741

EspoCRM prior to version 9.3.4 is affected by a Stored XSS via SVG attachments loading same-origin JavaScript. Versions 9.3.3 and earlier allow authenticated users to upload SVG attachments (through normal attachment fields) and later serve those SVGs as top-level inline documents via attachment ...

protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion

Summary protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. Impact An...

GHSA-JGGG-4JG4-V7C6 protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion

Summary protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. Impact An...

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

ALSA-2026:19127 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

ALSA-2026:19345 Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow ...

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

PT-2026-42013

Name of the Vulnerable Software and Affected Versions CtrlPanel versions prior to 1.2.0 Description An authenticated admin-level user can achieve Remote Code Execution by supplying an arbitrary class name available in the Composer autoloader. The admin settings update endpoint accepts a fully...

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

CLSA-2026-1779127347 Fix CVE(s): CVE-2026-42050

SECURITY UPDATE: fix stack buffer overflow in XTileImage when loading malicious MIFF in display tool - debian/patches/CVE-2026-42050.patch: fix stack buffer overflow in XTileImage when loading malicious MIFF in display tool - CVE-2026-42050...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the SpriteFont file loading process. An attacker can execute arbitrary code by providing a specially crafted .spritefont file that triggers a 32-bit integer overflow during multiplication. This is only...