GHSA-QQQ4-5773-PMW5 uniget is Vulnerable to Command Injection in tool.Check Leading to Arbitrary Code Execution

I discovered a command injection vulnerability in uniget that allows arbitrary command execution through the metadata loading and version check mechanism. Summary A command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c...

Linux Distros Unpatched Vulnerability : CVE-2026-34445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was usi...

UBUNTU-CVE-2026-34445

Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...

EUVD-2015-5235

Malware in sbrugna...

OSV-2025-618 Heap-buffer-overflow in iTUNTripletCallback

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437731214 Crash type: Heap-buffer-overflow READ 3 Crash state: iTUNTripletCallback SetupMeta MP4LoadMeta...