ROOT-OS-DEBIAN-11-CVE-2022-50224 CVE-2022-50224 in rootio-linux - Patched by Root

Root has patched CVE-2022-50224 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to arbitrary code execution, loss of confidentiality and denial of service

Summary IBM App Connect Enterprise Certified Container operator and operands are vulnerable to arbitrary code execution CVE-2026-23950, CVE-2026-31802, CVE-2026-26960, CVE-2026-24842, CVE-2026-33228, CVE-2026-29786, CVE-2026-23745, CVE-2026-40175, GHSA-v8w9-8mx6-g223, CVE-2026-34601, CVE-2026-295...

CVE-2026-20429

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535...

CVE-2021-0896

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05671206...

CVE-2022-31072

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...

CVE-2022-31025

Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the stable branch and 2.9.0beta5 on the beta and tests-passed branches, inviting users on sites that use single sign-on could bypass the mustapproveusers check and invites by staff are always approved...

CVE-2021-41096

Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...

CVE-2021-41163

Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack of validation in subscribeurl values. This issue is patched in the latest stable, beta and tests-passed versions of...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality [CVE-2025-1993]

Summary IBM App Connect Enterprise Certified Container DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user. This bulletin provides patch information to address the vulnerability in I...

PT-2025-44963

Name of the Vulnerable Software and Affected Versions Everything affected versions not specified Description The service used by Everything, running with SYSTEM privileges, communicates with the Everything GUI using a named pipe. This named pipe has a NULL Discretionary Access Control List DACL,...

EUVD-2020-28274

Malware in sbrugna...

EUVD-2019-0142

Malware in sbrugna...

EUVD-2021-1119

Malware in sbrugna...

EUVD-2020-7261

Malware in sbrugna...

EUVD-2008-0646

Malware in sbrugna...

EUVD-2022-35660

Malicious code in bioql PyPI...

EUVD-2022-35732

Malicious code in bioql PyPI...

EUVD-2023-25010

Malicious code in bioql PyPI...

EUVD-2023-37058

Malicious code in bioql PyPI...

EUVD-2025-19598

Malicious code in bioql PyPI...