75 matches found
[SECURITY] Fedora 42 Update: rust-sequoia-openpgp-2.3.0-1.fc42
OpenPGP data types and associated machinery...
GHSA-XRWR-FCW6-FMQ8 Weblate: SSRF via Project-Level Machinery Configuration
Impact A user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflec...
CVE-2026-34244 Weblate: SSRF via Project-Level Machinery Configuration
Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...
PT-2026-33121
Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...
EUVD-2020-2746
Malware in sbrugna...
EUVD-2024-51379
Malicious code in bioql PyPI...
Malicious code in machinery-typescript (npm)
The package machinery-typescript was found to contain malicious code...
MAL-2025-25748 Malicious code in machinery-typescript (npm)
The package machinery-typescript was found to contain malicious code...
CVE-2025-21983
In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq Currently kvfree_rcu APIs use a system workqueue which is "system_unbound_wq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...
Linux Distros Unpatched Vulnerability : CVE-2024-26803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when...
CVE-2024-13152
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BSS Software Mobuy Online Machinery Monitoring Panel allows SQL Injection. This issue affects Mobuy Online Machinery Monitoring Panel: before 2.0...
CVE-2024-50220 fork: do not invoke uffd on fork if error occurs
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...
[SECURITY] Fedora 40 Update: rust-sequoia-openpgp-1.21.1-1.fc40
OpenPGP data types and associated machinery...
CVE-2021-47262
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subsystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...
CVE-2024-26803 net: veth: clear GRO when clearing XDP even when down
In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NETIF_F_GRO sits in veth_disable_xdp which is called...
CVE-2024-26803
In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NETIF_F_GRO sits in veth_disable_xdp which is called...
buffalo-machinery.com Cross Site Scripting vulnerability OBB-3823738
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
pxinarismachinery.com Improper Access Control vulnerability OBB-3808698
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...