CVE-2025-57784
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
EUVD-2025-206342
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...
CVE-2026-0761
Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...
glib2 security update
An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GLib provides the core application building blocks for libraries and applicatio...
CVE-2026-24474
Dioxus Components is a shadcn-style component library for the Dioxus app framework. Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, use_animated_open formats a string for eval with an id that can be user supplied. Commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a patches the issue...
RockyLinux 8 : glib2 (RLSA-2026:0991)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0991 advisory. glib: Integer overflow in g_escape_uri_string (CVE-2025-13601). Tenable has extracted the preceding description block directly from the RockyLinux security advisory...
CVE-2026-24474
Summary: CVE-2026-24474 affects the Dioxus Components library (shadcn-style components for the Dioxus app framework). Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, the function/use_animated_open formats a string for eval using a user-supplied id, enabling a potential JavaScript inject...
CVE-2026-23955
EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointer arithmetic instead of printing the integer value as expected, as most interpreted languages would. This can be...
CVE-2025-69209
ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...
CVE-2025-66960
A flaw was found in ollama. A remote attacker can exploit this vulnerability by providing untrusted GGUF (GGML Unified Format) metadata with a specially crafted string length. This can cause the readGGUFV1String function to improperly process the input, leading to a denial of service, which makes t...
glib: Integer overflow in g_escape_uri_string()
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...
Security update for libtasn1
This update for libtasn1 fixes the following issues: CVE-2025-13151: stack-based buffer overflow in asn1expendoctetstring bsc1256341. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2025-56589
The CVE-2025-56589 entry concerns the Apryse HTML2PDF SDK (versions through 11.6.0) with a vulnerability in InsertFromHtmlString() leading to Local File Inclusion (LFI) and Server-Side Request Forgery (SSRF). The flaws could allow an attacker to read server-local files or trigger arbitrary HTTP r...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38077)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38077 advisory. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid...
Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: Integer overflow in...
ALSA-2026:0991 Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: Integer overflow in...
PT-2026-3989
Name of the Vulnerable Software and Affected Versions: Apryse HTML2PDF SDK versions through 11.6.0. Description: A Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) issue exists in the InsertFromHtmlString function. These issues could allow an attacker to read local files on the server...
RHEL 10 : glib2 (RHSA-2026:0975)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0975 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, th...