13 matches found
CVE-2026-47748
CVE-2026-47748 affects stable-diffusion.cpp (C/C++ library) prior to master-584-0a7ae07. The root cause is out-of-bounds reads in the PyTorch checkpoint pickle opcode parsing in src/model.cpp, where the parser sometimes advances buffer positions without validating remaining input, allowing reads ...
ROOT-OS-UBUNTU-2404-CVE-2025-22043 CVE-2025-22043 in rootio-linux - Patched by Root
Root has patched CVE-2025-22043 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-22045 CVE-2025-22045 in rootio-linux - Patched by Root
Root has patched CVE-2025-22045 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2023-52831 CVE-2023-52831 in rootio-linux - Patched by Root
Root has patched CVE-2023-52831 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes one security issue. The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended installation...
CVE-2026-31884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a division by zero occurs in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context->common.format.nBlockAlign...
CVE-2025-52432 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the...
CVE-2025-53628
cpp-httplib before 0.20.1 is vulnerable to HTTP header smuggling due to insecure trailers merge (CVE-2025-53628). Public advisories note the fix is in 0.20.1. OpenSUSE/SUSE advisories across platforms reference this CVE and provide a version-0.20.1 upgrade as remediation. No exploit details are p...
PYSEC-2025-221
vantage6 is an open-source infrastructure for privacy preserving analysis. The JWT secret key in the vantage6 server is auto-generated unless defined by the user. The auto-generated key is a UUID1, which is not cryptographically secure as it is predictable to some extent. This vulnerability is...
CVE-2025-31481 GraphQL query operations security can be bypassed
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17...
CVE-2024-11741
CVE-2024-11741 affects Grafana’s Grafana Alerting VictorOps integration, which was not properly protected and could be exposed to users with Viewer permission. The issue is confirmed in the connected Nessus/TSSA advisory block and is mitigated by upgrading Grafana to any of the fixed releases: 11...
DEBIAN-CVE-2024-40782
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process...
Fedora Update for mysql FEDORA-2010-11135
Check for the Version of mysql. OpenVAS Vulnerability Test: Fedora Update for mysql FEDORA-2010-11135. Authors: System Generated Check. Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms...