Red Hat AI Inference Server 安全漏洞

Red Hat AI Inference Server is a server product developed by Red Hat Inc. for artificial intelligence inference services. There is a security vulnerability in Red Hat AI Inference Server. This vulnerability stems from a symbolic integer overflow in the fragment recombination boundary check of the...

RockyLinux 9 : perl-XML-Parser (RLSA-2026:7679)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7679 advisory. perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files CVE-2006-10003 perl-xml-parser: XML::Parser for Perl: Heap corruption and...

Radare2 安全漏洞

Radare2 is an open-source reverse framework for Unix geeks developed by Radare. Versions of Radare2 prior to 6.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the printgvars function in the PDB parser, which had issues with command injection, potentially allowing...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : XML::Parser vulnerabilities (USN-8174-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8174-1 advisory. It was discovered that XML::Parser incorrectly handled certain multi-byte UTF-8 characters. If a user or automated system were tricke...

Ubuntu: Security Advisory (USN-8174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

goldmark 安全漏洞

Goldmark is a Markdown parser written in Go language by Yusuke Inuzuka. Versions of Goldmark prior to 1.7.17 contained security vulnerabilities, which were caused by improper URL validation and normalization order. These vulnerabilities could lead to cross-site scripting attacks...

AlmaLinux 10 : perl-XML-Parser (ALSA-2026:7680)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:7680 advisory. perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files CVE-2006-10003 perl-xml-parser: XML::Parser for Perl: Heap corruption and...

PT-2026-33002

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print gvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

RockyLinux 10 : perl-XML-Parser (RLSA-2026:7680)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7680 advisory. perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files CVE-2006-10003 perl-xml-parser: XML::Parser for Perl: Heap corruption and...

Uncontrolled resource consumption and loop with unreachable exit condition in facil.io and downstream iodine ruby gem

Summary fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a parse error. Because iodine vendors the same parser code, the issue also affects iodine when it parses...

GHSA-2X79-GWQ3-VXXM Uncontrolled resource consumption and loop with unreachable exit condition in facil.io and downstream iodine ruby gem

Summary fiojsonparse can enter an infinite loop when it encounters a nested JSON value starting with i or I. The process spins in user space and pegs one CPU core at 100% instead of returning a parse error. Because iodine vendors the same parser code, the issue also affects iodine when it parses...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...