USN-8377-1 libtemplate-perl vulnerability

It was discovered that Template-Toolkit did not properly escape single quotes in the htmlfilter function of Template::Plugin::HTML. An attacker could possibly use this issue to inject arbitrary HTML and JavaScript into generated output...

Uncanny Toolkit for LearnDash - Open Redirection

A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. id: CVE-2023-34020 info: name: Uncanny Toolk...

WP Extended < 3.0.0 - Stored Cross-Site Scripting

The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

DEBIAN-CVE-2026-10528

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

CVE-2026-10194 OFFIS DCMTK dcmqrscp dcmqrdbi.cc deleteOldestImages heap-based overflow

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

CVE-2026-10194

CVE-2026-10194 affects OFFIS DCMTK 3.7.0, specifically the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages in dcmqrdb/libsrc/dcmqrdbi.cc of the dcmqrscp component. The issue is a heap-based buffer overflow that can be triggered by manipulation and may be exploitable remotely. A p...

EUVD-2026-33516

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

MGASA-2026-0166 Updated perl-Template-Toolkit packages fix security vulnerability

Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. CVE-2026-5090...

Updated perl-Template-Toolkit packages fix security vulnerability

Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. CVE-2026-5090...

CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3

CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...

[SECURITY] Fedora 43 Update: mingw-qt6-qtsvg-6.10.3-2.fc43

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 43 Update: CImg-3.7.6-2.fc43

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copyfail-detect Detection toolkit for CVE-2026-31431 "Copy F...

CVE-2026-10015

Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CryptX 安全漏洞

CryptX is a open-source cryptographic toolkit developed by DCIT, based on various encryption algorithms. Versions of CryptX prior to 0.088001 contained security vulnerabilities. These vulnerabilities stemmed from stack buffer overflows in four AEAD decryption validation functions, which could all...

WordPress affiliate-toolkit plugin <= 3.8.7 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Nguyen Quang Truong in WordPress Plugin affiliate-toolkit versions = 3.8.7...

CVE-2026-6169

The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString method which compiles user-supplied template content into PHP code and executes it via eval...

CVE-2026-6169 affiliate-toolkit <= 3.8.5 - Authenticated (Editor+) Remote Code Execution

The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString method which compiles user-supplied template content into PHP code and executes it via eval...