vert.x security vulnerability

Vert.x is an open-source toolkit developed by Eclipse Vert.x. There is a security vulnerability in Vert.x, which stems from improper implementation of the static program cache. This vulnerability could be exploited by specially crafted request URIs, leading to denial-of-service attacks against...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002530 advisory. Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a...

PT-2026-3177

Name of the Vulnerable Software and Affected Versions Sync Breeze version 13.6.18 Description Sync Breeze version 13.6.18 contains a security issue due to an unquoted service path in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The issue...

MAL-2026-252 Malicious code in solana-program (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b7f4afe6d0bf016660b9bcd20e900d4d0504af8c3ac7f7dc69f20229ebcddb21 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2026-2661

Malicious code in solana-program PyPI...

Malicious code in solana-program (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b7f4afe6d0bf016660b9bcd20e900d4d0504af8c3ac7f7dc69f20229ebcddb21 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2022-50901

Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Wondershare\Wondershare Dr.Fone\ to inject malicious executables that woul...

CVE-2022-50902

The CVE-2022-50902 entry concerns Wondershare FamiSafe 1.0, where the FSService has an unquoted service path at C:\Program Files (x86)\Wondershare\FamiSafe, enabling local users to potentially execute code with LocalSystem privileges during service startup. Connected documents confirm the affecte...

UBUNTU-CVE-2025-68808

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtvchannelsiinit creates a temporary list program, service, event and ownership of the memory itself is transferred to the PAT/SDT/EIT tables through...

Schneider Electric EcoStruxure Power Build Rapsody (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

PT-2026-2361

Name of the Vulnerable Software and Affected Versions Splashtop version 8.71.12001.0 Description The software contains an unquoted service path vulnerability within the Splashtop Software Updater Service. This allows local attackers to potentially execute arbitrary code. The vulnerability exists...

[SECURITY] Fedora 43 Update: musescore-4.6.5-32.fc43

MuseScore is a free cross platform WYSIWYG music notation program. Some highlights: WYSIWYG, notes are entered on a "virtual note sheet" Unlimited number of staves Up to four voices per staff Easy and fast note entry with mouse, keyboard or MIDI Integrated sequencer and FluidSynth software...

OESA-2026-1012 unrtf security update

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

CVE-2014-4945

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic 1 mailbox or 2 message view...

CVE-2014-4946

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

CVE-2009-4230

Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the 1 RGN::run, 2 JTLS::run, or 3 SHD::run function. NOTE: some of these details are...

CVE-2021-41614

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...

CVE-2021-33629

isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data...

CVE-2021-22745

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique...