CVE-2026-24477 AnythingLLM has key leak in `systemSettings.js`

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticate...

CVE-2026-24001 jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

Impact Attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory without limit until the process crashes due to running out of memory. Applications are therefore...

CVE-2025-15013

A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...

EUVD-2025-202929

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups /api/prompts/groups/:groupId. However, the request bodies are not sufficiently validated for prop...

EUVD-2015-1555

Malware in sbrugna...

EUVD-2010-1699

Malware in sbrugna...

EUVD-2021-1022

Malware in sbrugna...

EUVD-2004-2682

Malware in sbrugna...

EUVD-2019-5066

Malware in sbrugna...

EUVD-2018-13506

Malware in sbrugna...

EUVD-2014-9447

Malware in sbrugna...

EUVD-2017-14641

Malware in sbrugna...

EUVD-2025-24049

Malicious code in bioql PyPI...

GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.

...

Linux Distros Unpatched Vulnerability : CVE-2023-2977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart...

Linux Distros Unpatched Vulnerability : CVE-2018-20230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function readbytesinternal in utilities/pspp-dump-sav.c, which allows...

Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems

Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial...

Linux Distros Unpatched Vulnerability : CVE-2018-12115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and...

Linux Distros Unpatched Vulnerability : CVE-2019-20429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for...