EUVD-2026-16571

A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...

CVE-2022-37894

An unauthenticated Denial of Service DoS vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x:...

CVE-2025-23042

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List ACL for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...

EUVD-2020-20543

Malware in sbrugna...

EUVD-2020-30531

Malware in sbrugna...

EUVD-2019-4587

Malware in sbrugna...

EUVD-2024-25318

Malicious code in bioql PyPI...

EUVD-2023-2914

Malicious code in bioql PyPI...

EUVD-2022-1242

Malicious code in bioql PyPI...

EUVD-2023-3002

Malicious code in bioql PyPI...

EUVD-2024-3366

Malicious code in bioql PyPI...

EUVD-2023-29133

Malicious code in bioql PyPI...

EUVD-2022-28619

Malicious code in bioql PyPI...

EUVD-2022-40500

Malicious code in bioql PyPI...

EUVD-2025-7727

Malicious code in bioql PyPI...

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: tempo, karpenter, kind, witness, gobump, guac, prometheus-operator, cluster-api-helm-controller, nri-apache, nri-memcached, oauth2-proxy, docker-cli, nri-redis, node-problem-detector, buildkitd, gptscript, kyverno, mongo-tools, harbor, hubble,...

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: gobuster, dapr, dive, kubernetes-dashboard-auth, wal-g, kuberlr, kubernetes-dashboard-web, gcp-compute-persistent-disk-csi-driver, ko, oauth2-proxy, tempo, kubernetes-dashboard-api, terraform, chart-testing, migrate, opentofu, nri-consul, vault-csi-provider, eksctl,...

Apple Security Update: iOS 18.6.1

Apple recommends to install security update iOS 18.6.1 on devices iPhone XS and later...

CVE-2025-48913 Apache CXF: Untrusted JMS configuration can lead to RCE

If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8...

[SECURITY] [DLA 4263-1] ruby-graphql security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4263-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 04, 2025 https://wiki.debian.org/LTS -...