EUVD-2026-29231

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An attacker may be able to track users through their IP address...

Linux Distros Unpatched Vulnerability : CVE-2025-40058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure...

EUVD-2020-19716

Malware in sbrugna...

EUVD-2018-7944

Malware in sbrugna...

EUVD-2016-2953

Malware in sbrugna...

EUVD-2023-36606

Malicious code in bioql PyPI...

EUVD-2022-2653

Malicious code in bioql PyPI...

EUVD-2023-31680

Malicious code in bioql PyPI...

CVE-2013-1033

Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access...

CVE-2024-58092 nfsd: fix legacy client tracking initialization

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4legacytrackingops-init call in checkforlegacymethods. That will be handled in the caller nfsd4clienttrackinginit. Otherwise, we'll wind up calling...

Location, name, and photos of random kids shown to parents in child tracker mix up

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. And could not locate their own. T-Mobile sells a small GPS tracker called SyncUP, which can be used to track, among...

CVE-2023-52939 mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()

In the Linux kernel, the following vulnerability has been resolved: mm: memcg: fix NULL pointer in memcgrouptrackforeigndirtyslowpath As commit 18365225f044 "hwpoison, memcg: forcibly uncharge LRU pages", hwpoison will forcibly uncharg a LRU hwpoisoned page, the foliomemcg could be NULl, then,...

PT-2025-1575 · Google · Gvisor

Name of the Vulnerable Software and Affected Versions: gVisor affected versions not specified Description: A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in trackin...

CVE-2024-56770

CVE-2024-56770 documents a Linux kernel netem backlog accounting bug when used with a child qdisc (e.g., netem as root with tbf child). The issue arises because netem’s qlen/backlog statistics were updated by child qdiscs via qdisc_tree_reduce_backlog, but netem did not decrement qlen accordingly...

PT-2025-16577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the initialization of legacy client tracking in the Linux kernel's nfsd component. The problem arises from the duplicate call to nfsd4 legacy tracking ops-init,...

PT-2024-30937 · Unknown · Miniscript

Name of the Vulnerable Software and Affected Versions: Miniscript library versions prior to 12.2.0 Description: The issue allows stack consumption because the Miniscript library does not properly track tree depth. Recommendations: For versions prior to 12.2.0, update to version 12.2.0 or later to...

VulnCheck KEV: CVE-2020-3259

Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the...

OpenDKIM 安全漏洞

OpenDKIM is a C-based DKIM sender authentication system from the OpenDKIM organization. A security vulnerability exists in OpenDKIM versions 2.10.3, 2.11.x through 2.11.0-Beta2, which stems from its inability to keep track of ordinal numbers when deleting a spoofed Authentication-Results header...

SUSE-SU-2023:2065-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 bsc1210731: - CVE-2022-0108: Fixed information leak. - CVE-2022-32885: Fixed arbitrary code execution. - CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. - CVE-2023-27932: Fixed Same Origin...

GHSA-9H6H-9G78-86F7 Yapscan's report receiver server vulnerable to path traversal and log injection

Impact If you make use of the report receiver server experimental, a client may be able to forge requests such that arbitrary files on the host can be overwritten subject to permissions of the yapscan server, leading to loss of data. This is particularly problematic if you do not authenticate...