Lucene search

2274 matches found

ATTACKERKB
added 2026/02/11 12:17 p.m. | 4 views

CVE-2025-57709

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

CVSS 5.3 | AI score 5.8 | EPSS 0.00546
Exploits 0 | References 2 | Affected Software 1

Positive Technologies
added 2026/02/11 12:0 a.m. | 6 views

PT-2026-7541

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.4 Description A buffer overflow issue exists in Qsync Central. A remote attacker who obtains a user account can potentially exploit this to alter memory or cause processes to crash. Recommendations Update ...

CVSS 8.1 | AI score 5.8 | EPSS 0.00398
Exploits 0 | References 3

VulnCheck KEV
added 2026/02/11 12:0 a.m. | 17 views

VulnCheck KEV: CVE-2025-70795

STProcessMonitor Driver contains an insecure IOCTL vulnerability that allows local attackers to terminate arbitrary kernel processes by bypassing validation. Attackers can exploit the exposed process termination functionality to disable security products and gain control of the affected system...

AI score 5.9 | EPSS 0.00203
In wild | Exploits 0 | References 3

Fedora
added 2026/02/06 1:10 a.m. | 9 views

[SECURITY] Fedora 42 Update: openqa-5^20250711git28a0214-4.fc42

openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...

CVSS 7.9 | AI score 6 | EPSS 0.00317
Exploits 0

Tenable Nessus
added 2026/02/04 12:0 a.m. | 2 views

Microhard IPn4G Cellular Gateways Incorrect Authorization (CVE-2018-25146)

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service...

CVSS 8.1 | AI score 5.5 | EPSS 0.0041
Exploits 2 | References 5

Tenable Nessus
added 2026/01/29 12:0 a.m. | 4 views

Unity Linux 20.1070e Security Update: screen (UTSA-2026-005208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005208 advisory. Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

CVSS 5.7 | AI score 6 | EPSS 0.00168
Exploits 0 | References 4

Vulnrichment
added 2026/01/27 11:35 a.m. | 3 views

CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVSS 8.8 | AI score 6.4 | EPSS 0.00414
Exploits 0 | References 1

Cvelist
added 2026/01/27 11:35 a.m. | 30 views

CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVSS 8.8 | EPSS 0.00414
Exploits 0 | References 1

Positive Technologies
added 2026/01/27 12:0 a.m. | 6 views

PT-2026-4909

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVSS 8.8 | AI score 6.4 | EPSS 0.00414
Exploits 0 | References 2

Tenable Nessus
added 2026/01/27 12:0 a.m. | 3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005046)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005046 advisory. In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one devic...

CVSS 4.7 | AI score 6.7 | EPSS 0.00223
Exploits 0 | References 4

GithubExploit
added 2026/01/21 8:42 p.m. | 162 views

Exploit for CVE-2023-52271

Disclaimer: This repository contains code that is provided stric...

CVSS 6.5 | AI score 5.8 | EPSS 0.00325
Exploits 2

The Hacker News
added 2026/01/20 11:48 a.m. | 11 views

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code VS Code extension ecosystem. "The malware is designed to exfiltrate sensitive informatio...

AI score 6.3
Exploits 0

RedhatCVE
added 2026/01/17 1:18 p.m. | 5 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVSS 7.3 | AI score 6.9 | EPSS 0.00249
Exploits 0 | References 1

NVD
added 2026/01/16 1:16 p.m. | 5 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVSS 7.3 | EPSS 0.00249
Exploits 0 | References 2

CVE
added 2026/01/16 12:47 p.m. | 15 views

CVE-2026-0615

The Librarian (TheLibrarian.io) vulnerability CVE-2026-0615 concerns the supervisord status page exposed via the web_fetch tool, enabling retrieval of running processes in TheLibrarian backend. According to the sources, this could allow an attacker to enumerate backend processes and exposed state...

CVSS 7.3 | AI score 6.5 | EPSS 0.00249
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2026/01/16 12:47 p.m. | 25 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

EPSS 0.00249
Exploits 0 | References 2

Vulnrichment
added 2026/01/16 12:47 p.m. | 2 views

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

AI score 6.5 | EPSS 0.00249
Exploits 0 | References 2

Positive Technologies
added 2026/01/16 12:0 a.m. | 7 views

PT-2026-3249

Name of the Vulnerable Software and Affected Versions TheLibrarian versions prior to the fixed version Description The supervisord status page within TheLibrarian can be accessed via the web fetch tool, potentially exposing running processes in the backend. This allows for the retrieval of...

CVSS 7.3 | AI score 5.7 | EPSS 0.00249
Exploits 0 | References 7

CNNVD
added 2026/01/16 12:0 a.m. | 2 views

The Librarian security vulnerability

The Librarian is a personal AI assistant software developed by The Librarian Company in Singapore. The Librarian has a security vulnerability, which stems from the webFetch tool’s ability to retrieve Supervisory Server status pages, potentially leading to the exposure of backend running processes...

CVSS 7.3 | AI score 6 | EPSS 0.00249
Exploits 0 | References 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004464)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004464 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...

CVSS 4.5 | AI score 6.5 | EPSS 0.00225
Exploits 0 | References 3