Lucene search

18 matches found

OSV
added 2026/04/28 3:20 p.m. | 3 views

CLSA-2026-1777389615 Fix CVE(s): CVE-2024-45802

SECURITY UPDATE: multiple vulnerabilities in Edge Side Includes ESI processing - debian/rules: build with --disable-esi to remove the vulnerable ESI response processor matches the upstream Squid 6.10 default, where ESI support is disabled by default. - debian/control: drop libexpat1-dev and...

7.5 CVSS | 5.8 AI score | 0.00922 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2026/01/19 12:0 a.m. | 4 views

MiracleLinux 8 : exiv2-0.27.2-5.el8, gegl-0.2.0-39.el8, gnome-color-manager-3.28.0-3.el8, libgexiv2-0.10.8-4.el8 (AXSA:2020-556:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-556:01 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

8.8 CVSS | 7.4 AI score | 0.03067 EPSS
Exploits 26 | References 29

Packet Storm News
added 2026/01/05 12:0 a.m. | 0 views

Pervasive Vulnerability Analysis and Defense for QKD-Based Quantum Private Query

Quantum Private Query QPQ based on Quantum Key Distribution QKD is among the most practically viable quantum communication protocols, with application value second only to QKD itself. However, prevalent security vulnerabilities in the post-processing stages of most existing QKD-based QPQ protocol...

6.9 AI score
Exploits 0

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2007-4768

Malware in sbrugna...

5 CVSS | 6.4 AI score | 0.03633 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2024-51081

Malicious code in bioql PyPI...

7.8 CVSS | 6.3 AI score | 0.00038 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-31484

Malicious code in bioql PyPI...

5.9 CVSS | 6.6 AI score | 0.00057 EPSS
Exploits 0 | References 5

Packet Storm News
added 2025/07/29 12:0 a.m. | 4 views

Invisible Injections: Exploiting Vision-Language Models through Steganographic Prompt Embedding

Vision-language models VLMs have revolutionized multimodal AI applications but introduce novel security vulnerabilities that remain largely unexplored. We present the first comprehensive study of steganographic prompt injection attacks against VLMs, where malicious instructions are invisibly...

7.5 AI score
Exploits 0

CVE
added 2025/06/28 1:2 p.m. | 29 views

CVE-2025-1991

CVE-2025-1991 affects IBM Informix Dynamic Server versions 12.10, 14.10, and 15.0. The vulnerability is a denial of service caused by an integer underflow during packet processing. IBM’s advisory (ID 7238455) lists fixed releases: 12.10.xC16W2 for 12.10 and 14.10.xC11W2 for 14.10; 15.0 is also li...

7.5 CVSS | 6.5 AI score | 0.00428 EPSS
Exploits 0 | References 1 | Affected Software 1

OSV
added 2025/05/16 1:43 p.m. | 1 views

SUSE-SU-2025:1569-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43963: Fixed...

9.8 CVSS | 9.4 AI score | 0.00085 EPSS
Exploits 0 | References 9

NVD
added 2025/01/27 6:15 p.m. | 7 views

CVE-2024-12740

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

7.8 CVSS | 0.00038 EPSS
Exploits 0 | References 1

Cvelist
added 2025/01/27 5:17 p.m. | 10 views

CVE-2024-12740 Dependency on Vulnerable Third-Party Component exposes Vulnerabilities in NI Vision Software

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

7.8 CVSS | 0.00038 EPSS
Exploits 0 | References 1

Vulnrichment
added 2025/01/27 5:17 p.m. | 5 views

CVE-2024-12740 Dependency on Vulnerable Third-Party Component exposes Vulnerabilities in NI Vision Software

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

7.8 CVSS | 8 AI score | 0.00038 EPSS
Exploits 0 | References 1

CVE
added 2024/08/20 4:3 p.m. | 110 views

CVE-2024-40743

CVE-2024-40743 affects Joomla core Outputfilter::stripImages and Outputfilter::stripIframes: inputs are not properly processed, enabling XSS vectors. Root cause is improper handling in stripImages/stripIframes; impact is XSS exposure as described in multiple sources (e.g., BIT-JOOMLA-2024-40743, ...

6.1 CVSS | 5.8 AI score | 0.00075 EPSS
Exploits 0 | References 1 | Affected Software 1

BDU FSTEC
added 2023/10/30 12:0 a.m. | 1 views

The vulnerabilities of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, are related to information representation errors in the user interface. These vulnerabilities allow attackers to carry out clickjacking attacks.

The vulnerabilities of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, are related to information representation errors in the user interface during the processing of requests and dialog boxes. Exploiting these vulnerabilities can allow a remote attacker to carry out a...

7.6 CVSS | 5.9 AI score | 0.00309 EPSS
Exploits 0 | References 18 | Affected Software 8

OSV
added 2022/09/06 6:15 p.m. | 1 views

CVE-2022-23688

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches versions:...

4.3 CVSS | 5.8 AI score | 0.00104 EPSS
Exploits 0 | References 1

OSV
added 2022/09/06 6:15 p.m. | 2 views

CVE-2022-23687

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches versions:...

4.3 CVSS | 5.8 AI score | 0.00104 EPSS
Exploits 0 | References 1

OSV
added 2019/06/10 7:17 p.m. | 6 views

MGASA-2019-0186 Updated imagemagick packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Fixed a heap-based buffer overflow in ReadMNGImage. CVE-2019-11007 Fixed a heap-based buffer overflow in WriteXWDImage. CVE-2019-11008, CVE-2019-11009...

8.8 CVSS | 8.5 AI score | 0.01345 EPSS
Exploits 2 | References 7

OpenVAS
added 2009/02/27 12:0 a.m. | 33 views

CentOS Update for thunderbird CESA-2008:0209 centos4 i386

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2008:0209 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3 CVSS | 0.2 AI score | 0.31817 EPSS
Exploits 2 | References 2