CVE-2026-35378

A flaw was found in the expr utility of uutils coreutils. A logic error in how the utility evaluates parenthesized subexpressions prevents proper short-circuiting for logical OR and AND operations. This can lead to arithmetic errors, such as division by zero, in parts of expressions that should b...

EUVD-2026-25020

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

CVE-2026-35381 uutils coreutils cut Local Logic Error and Data Integrity Issue in Output Filtering

A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s only-delimited flag when using the -z null-terminated and -d '' empty delimiter options together. The implementation incorrectly routes this specific combination through a specialized newline-delimiter code...

CVE-2026-35373

A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms e.g., ln SOURCE... DIRECTORY. While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation...

CVE-2026-35372

A logic error in the ln utility of uutils coreutils allows the utility to dereference a symbolic link target even when the --no-dereference or -n flag is explicitly provided. The implementation previously only honored the "no-dereference" intent if the --force overwrite mode was also enabled. Thi...

Linux Distros Unpatched Vulnerability : CVE-2026-35364

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the...

AZL-74003 CVE-2026-22184 affecting package optipng 0.7.8-5

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

RHEL 9 : mariadb (RHSA-2026:0137)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0137 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...

EUVD-2019-4983

Malware in sbrugna...

EUVD-2024-48002

Malicious code in bioql PyPI...

PT-2025-23038

Name of the Vulnerable Software and Affected Versions GNU Coreutils affected versions not specified Description A flaw was found in the sort utility's begfield function, which is vulnerable to a heap buffer under-read. This issue may cause the program to access memory outside the allocated buffer...

OESA-2024-1858 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img...

CVE-2023-24046

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...

apr-util: out-of-bounds writes in the apr_base64

A flaw was found in the Apache Portable Runtime Utility APR-util library. This issue may allow a malicious attacker to cause an out-of-bounds write due to an integer overflow when encoding/decoding a very long string using the base64 family of functions...

F5 BIG-IP Information Disclosure Vulnerability (CNVD-2018-15635)

F5 BIG-IP as an access solution provides SSL VPN remote access, security, application acceleration and high availability for remote users. An information disclosure vulnerability exists in F5 BIG-IP due to a flaw in the F5 BIG-IP configuration utility, which can be exploited by an attacker to vie...

CVE-2011-1602

The su utility on Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426...

Moderate: Red Hat Security Advisory: sysstat security update

Updated sysstat packages that fix various bugs and security issues are now available. Sysstat is a tool for gathering system statistics. Isag is a utility for graphically displaying these statistics. A bug was found in the Red Hat sysstat package post and trigger scripts, which used insecure...