[SECURITY] Fedora 43 Update: mingw-gstreamer1-plugins-bad-free-1.26.11-1.fc43

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

phpBB 路径遍历漏洞

phpBB is an open-source web forum software based on the PHP language. This software supports multiple languages, various databases, and custom layout designs. phpBB has a path traversal vulnerability, which stems from an arbitrary file upload vulnerability. This vulnerability could allow verified...

Exploit for Download of Code Without Integrity Check in Trueconf

🔍 CVE-2026-3502 Scanner - TrueConf Vulnerability Detection Too...

EUVD-2018-21752

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile

FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...

RHSA-2023:5809 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.2.2 Product Security and Bug Fix Update

Bulletin has no description...

BELL-CVE-2026-31404

Bulletin has no description...

BELL-CVE-2026-23467

Bulletin has no description...

BELL-CVE-2026-23461

Bulletin has no description...

BELL-CVE-2026-23421

Bulletin has no description...

BELL-CVE-2026-23437

Bulletin has no description...

BELL-CVE-2026-23451

Bulletin has no description...

@runspace/ataraxia-auth (=0.0.0), @runspace/cli (>=0.1.6 <=0.1.8) +19 more potentially affected by unknown CVE via @stablelib/cbor (>=1.0.1 <=1.0.2)

@stablelib/cbor NPM version =1.0.1, =0.1.6, =0.1.3, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =0.8.0, =0.9.0, =0.9.0, =0.8.0, =0.8.0, =0.8.0, =0.11.0, =0.11.0, =0.12.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5JG4-P4QW-CGFR...

Towards Predicting Multi-Vulnerability Attack Chains in Software Supply Chains from Software Bill of Materials Graphs

Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials SBOM-based pipelines for security analysis typically treat scanner findings as independent per-CVE Common...

SUSE CVE-2026-23467

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

EUVD-2026-18735

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

CVE-2026-5476

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

[SECURITY] Fedora 42 Update: gstreamer1-plugins-base-1.26.11-1.fc42

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

[SECURITY] Fedora 42 Update: bind9-next-9.21.20-1.fc42

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...