PT-2026-3324

Name of the Vulnerable Software and Affected Versions seeyon Zhiyuan A8+ Collaborative Management Software version 7.0 Description A cross site scripting issue exists in seeyon Zhiyuan A8+ Collaborative Management Software. The issue is related to the topValue parameter used with the...

CVE-2025-56451

Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint...

CVE-2025-56451

The CVE-2025-56451 entry documents a Cross-Site Scripting (XSS) vulnerability in Seeyon Zhiyuan A8+ Collaborative Management Software 7.0, exploitable via the topValue parameter on the seeyon/main.do endpoint. The issue is described across multiple sources (NVD/Red Hat/EUVD/CIRCL, etc.) with a CV...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003666 advisory. An issue was discovered in the Linux kernel before 5.0.11. fm10kinitmodule in drivers/net/ethernet/intel/fm10k/fm10kmain.c has a NULL pointer dereference because the...

CVE-2025-56451

Cross site scripting vulnerability in seeyon Zhiyuan A8+ Collaborative Management Software 7.0 via the topValue parameter to the seeyon/main.do endpoint...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000892)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000892 advisory. Buffer overflow in the qethsnmpcommand function in drivers/s390/net/qethcoremain.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001437)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001437 advisory. An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvmmain.c has a kvmiobusunregisterdev memory leak upon a kmalloc failure, aka CID-f65886606c2d...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002157 advisory. Buffer overflow in the qethsnmpcommand function in drivers/s390/net/qethcoremain.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service...

OESA-2026-1013 unrtf security update

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

CVE-2022-35008

PNGDec commit 8abf6be was discovered to contain a stack overflow via /linux/main.cpp...

CVE-2019-18216

The BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313 relies on the main battery instead of using a CMOS battery, which reduces the value of a protection mechanism in which booting from a USB device is prohibited. Attackers who have physical laptop access can exhaust...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000263)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000263 advisory. A memory leak in the nfpflowerspawnvnicreprs function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause ...

CVE-2025-15391 D-Link DIR-806A SSDP Request ssdpcgi_main command injection

A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgimain of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This...

CVE-2025-69277

CVE-2025-69277 affects libsodium; root cause is mishandled checks in crypto_core_ed25519_is_valid_point() that can accept points outside the main elliptic-curve group in atypical usage. Descriptions across sources indicate the issue exists in libsodium prior to ad3004e and that fixes were release...

libsodium 安全漏洞

libsodium is a cryptographic software library from the individual developer Frank Denis. A security vulnerability exists in previous versions of libsodium ad3004e, which stems from mishandling of elliptic curve point validity checking, which may allow points that are not part of the main crypto...

EUVD-2025-205506

A security flaw has been discovered in yourmaileyes MOOC up to 1.17. This affects the function subreview of the file mooc/controller/MainController.java of the component Submission Handler. Performing manipulation of the argument review results in cross site scripting. The attack can be initiated...

CVE-2025-65410

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted input into the filename parameter...

CVE-2025-65410

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted input into the filename parameter...

UBUNTU-CVE-2025-65410

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted input into the filename parameter...

Malicious code in fireeye-main (PyPI)

--- -= Per source details. Do not edit below this line.=-...