42 matches found
EUVD-2026-33738
A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack c...
CVE-2026-10280 horizon921 mcpilot MCP API Call Endpoint route.ts server-side request forgery
A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack c...
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing the DMACR register The chapter “B Generic UART” in “ARM Server Base System Architecture” 1 describes a generic UART interface. Such a generic UART does not support DMA. In current cod...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013857)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013857 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter B Generic UART in ARM Server...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011102)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011102 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter B Generic UART in ARM Server...
389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schema_attr_enum_callback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...
Oracle Linux 9 : 389-ds-base (ELSA-2026-3189)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3189 advisory. - Resolves: RHEL-137083 - CVE-2025-14905 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow rhel-9.7.z Tenable has...
CVE-2026-3192
A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function authenticate of the file rpcserverbase.py of the component RPC Credential Handler. The manipulation leads to improper authentication. The attack is possible to be carried out remotely. The attack ...
MiracleLinux 8 : 389-ds:1.4 (AXSA:2022-3938:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3938:01 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...
EUVD-2022-55687
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" 1 documentation describes a generic UART interface. Such generic UART does not support DMA. In current...
DEBIAN-CVE-2022-50625
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" 1 documentation describes a generic UART interface. Such generic UART does not support DMA. In current...
EUVD-2007-3779
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-2668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote...
RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +25413 more potentially affected by CVE-2024-38819 via org.springframework:spring-webmvc (>=1.2.1 <=5.3.39)
org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.0, =0.0.12, =0.1.15 and more Source cves: CVE-2024-38819 Source advisory: OSV:GHSA-G5VR-RGQM-VF78...
kernel: serial: amba-pl011: avoid SBSA UART accessing DMACR register
A flaw was found in the Linux kernel’s AMBA-PL011 serial driver used on ARM Server Base System Architecture platforms. The existing stop_rx operation shared between generic SBSA UARTs and AMBA-PL011 UARTs invoked pl011_dma_rx_stop, which attempts to access the DMA Control Register DMACR. SBSA generic...
[SECURITY] Fedora 37 Update: python-asgiref-3.5.2-1.fc37
ASGI is a standard for Python asynchronous web apps and servers to communicate with each other, and positioned as an asynchronous successor to WSGI. This package includes ASGI base libraries, such as: Sync-to-async and async-to-sync function wrappers, asgiref.sync Server base classes,...
org.apache.kylin:kylin-spark-test (=4.0.0-alpha), org.apache.kylin:kylin-tool-assembly (>=2.1.0 <=4.0.0-alpha) +2 more potentially affected by CVE-2022-24697 via org.apache.kylin:kylin-server-base (>=2.1.0 <=4.0.0-alpha)
org.apache.kylin:kylin-server-base MAVEN version =2.1.0, =2.1.0, =1.1.0, =1.1.0, =2.4.0 Source cves: CVE-2022-24697 Source advisory: OSV:GHSA-PPXX-M926-G569...
org.apache.kylin:kylin-spark-test (=4.0.0-alpha), org.apache.kylin:kylin-tool-assembly (>=2.1.0 <=4.0.0-alpha) +2 more potentially affected by CVE-2022-44621 via org.apache.kylin:kylin-server-base (>=2.1.0 <=4.0.0-alpha)
org.apache.kylin:kylin-server-base MAVEN version =2.1.0, =2.1.0, =1.1.0, =1.1.0, =2.4.0 Source cves: CVE-2022-44621 Source advisory: OSV:GHSA-W9RV-XMF7-X3GH...
MAL-2022-781 Malicious code in @xvideos/server-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d93ff06b333f57f3b2764dcdafc120656bb333d983df4115b2a28ac75c3486 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...