Linux Distros Unpatched Vulnerability : CVE-2026-12458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Passwords. CVE-2026-12458 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Chromium: CVE-2026-11243 Incorrect security UI in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11175

Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Fedora 43 : chromium (2026-b17799ac62)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b17799ac62 advisory. Update to 148.0.7778.178 CVE-2026-9111: Use after free in WebRTC CVE-2026-9110: Inappropriate implementation in UI CVE-2026-9112: Use after free in...

Chromium: CVE-2026-8511 Use after free in UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-3937

Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Chromium: CVE-2026-0906 Incorrect security UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

📄 Samsung QuramDng Out-Of-Bounds Write

Samsung QuramDng has an invalid LossyJpeg component assumption that leads to an out-of-bounds write. BACKGROUND Samsung Android uses an internal DNG decoding library, QuramDng in libimagecodec.quram.so, to decode images in com.samsung.ipservice and com.samsung.gallery3d. Samsung Gallery will deco...

EUVD-2025-37435

Web UI Malfunction when setting unexpected locale via API.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

Linux Distros Unpatched Vulnerability : CVE-2025-12446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

Linux Distros Unpatched Vulnerability : CVE-2025-12447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI...

EUVD-2012-0614

Malware in sbrugna...

EUVD-2021-25313

Malware in sbrugna...

EUVD-2022-25531

Malicious code in bioql PyPI...

EUVD-2023-52480

Malicious code in bioql PyPI...

EUVD-2025-21143

Malicious code in bioql PyPI...

EUVD-2022-0016

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.7.0 release

Red Hat OpenShift distributed tracing platform Tempo 3.7.0 has been released This release of the Red Hat OpenShift distributed tracing platform Tempo provides new features, security improvements, and bug fixes. Breaking changes: Nothing Deprecations: Nothing Technology Preview features: Nothing...

CVE-2025-7901

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be...

CVE-2025-21004

The CVE-2025-21004 entry concerns Galaxy Watch System UI where improper verification of intents in the broadcast receiver enables a local attacker to power off the device. Affected scope is Galaxy Watch devices running firmware prior to the SMR Jul-2025 Release 1. The underlying issue is insuffic...