ROOT-APP-NPM-CVE-2026-24842 CVE-2026-24842 in @rootio/tar - Patched by Root

Root has patched CVE-2026-24842 in the @rootio/tar package for Root:npm. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2024-50073 CVE-2024-50073 in rootio-linux - Patched by Root

Root has patched CVE-2024-50073 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

SUSE SLES12 Security Update : kernel (Live Patch 68 for SLE 12 SP5) (SUSE-SU-2025:03498-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03498-1 advisory. This update for the Linux Kernel 4.12.14-122258 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix...

EUVD-2017-11172

Malware in sbrugna...

EUVD-2005-0207

Malware in sbrugna...

EUVD-2013-1027

Malware in sbrugna...

EUVD-2021-0819

Malware in sbrugna...

EUVD-2022-52053

Malicious code in bioql PyPI...

EUVD-2024-48064

Malicious code in bioql PyPI...

EUVD-2022-33581

Malicious code in bioql PyPI...

EUVD-2022-29609

Malicious code in bioql PyPI...

Red Teaming Program Repair Agents: When Correct Patches Can Hide Vulnerabilities

LLM-based agents are increasingly deployed for software maintenance tasks such as automated program repair APR. APR agents automatically fetch GitHub issues and use backend LLMs to generate patches that fix the reported bugs. However, existing work primarily focuses on the functional correctness ...

Linux Distros Unpatched Vulnerability : CVE-2021-25214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition...

Linux Distros Unpatched Vulnerability : CVE-2023-52678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing listfirstentry in kfdtopology.c Befor...

CVE-2025-54584 GitProxy is vulnerable to a packfile parsing exploit

GitProxy is an application that stands between developers and a Git remote endpoint e.g., github.com. In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...

CVE-2025-50086

...

WordPress Puca Theme <= 2.6.33 is vulnerable to Local File Inclusion

Software Puca Type Theme Vulnerable versions = 2.6.33 Fixed in 2.6.34 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-30992 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 5c9cf9e5fa07 Credits Phat RiO - BlueRock Required privilege...

CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

CVE-2022-35935

TensorFlow is an open source platform for machine learning. The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. This issue has been patched in GitHub commit...

CVE-2021-37709

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding securit...