Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handling of index rollover requests when an explicit target index name is provided. An attacker can create a new index with an unauthorized name by exploiting insufficient access control checks on the targ...

GHSA-22VX-2X23-98W6 OpenSearch vulnerable to improper authorization for Rollover Requests

Description A flaw was identified in the OpenSearch Security plugin's handling of index rollover requests. When a rollover request included an explicit target index name, the security plugin did not properly evaluate access control permissions against the target index. This could allow a user wit...

OpenSearch vulnerable to improper authorization for Rollover Requests

Description A flaw was identified in the OpenSearch Security plugin's handling of index rollover requests. When a rollover request included an explicit target index name, the security plugin did not properly evaluate access control permissions against the target index. This could allow a user wit...

PT-2026-41472

Name of the Vulnerable Software and Affected Versions OpenSearch versions prior to 2.19.4 OpenSearch versions prior to 3.2.0 Description A flaw in the OpenSearch Security plugin occurs during the handling of index rollover requests. When a request includes an explicit target index name, the...

CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

CVE-2026-43258

CVE-2026-43258 concerns the Linux kernel: on Alpha systems, memory compaction can trigger user-space crashes and heap corruption due to insufficient TLB shootdown during page migration. Root cause involves ASN rollover and stale instruction translations surviving migration. The fix introduces a m...

PT-2026-37598

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2026:0348-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0348-1 advisory. Upgrade to release 9.20.18: - CVE-2025-13878: Fixed incorrect length checks for BRID and HHIT records bsc1256997 Featur...

MiracleLinux 7 : bind-9.9.4-50.1.0.1.el7.AXS7 (AXSA:2017-1732:04)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1732:04 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves...

CVE-2025-55067

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

CVE-2025-55067 Integer Overflow or Wraparound in Veeder-Root TLS4B Automatic Tank Gauge System

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

CVE-2025-55067 Integer Overflow or Wraparound in Veeder-Root TLS4B Automatic Tank Gauge System

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

CVE-2025-55067

The CVE concerns Veeder-Root TLS4B Automatic Tank Gauge (ATG) System and describes an integer wraparound/overflow when Unix time reaches the 2038 epoch. The core issue is improper handling of times beyond January 19, 2038, causing the system clock to roll back to December 13, 1901. Consequences d...

EUVD-2018-17514

Malware in sbrugna...

EUVD-2025-3484

Malicious code in bioql PyPI...

Denial Of Service (DoS)

Starlette is vulnerable to Denial Of Service DoS. The vulnerability is due to blocking of the main event thread caused by improper handling of large multipart file uploads, where a bug in the UploadFile logic fails to anticipate memory rollover, blocking the application from accepting new...

SUSE CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...

UBUNTU-CVE-2025-54121

Starlette is a lightweight ASGI Asynchronous Server Gateway Interface framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files greater than the default max spool size starlette will block the main thread t...

CVE-2025-23863

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabaoh Rollover Tab rollover-tab allows Stored XSS.This issue affects Rollover Tab: from n/a through = 1.3.2...

CVE-2025-1254 Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.

Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional Recording Service allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42...