Advisory ROSA-SA-2026-3154

Software: libtommath 1.2.0 OS: ROSA Virtualization 3.1 unaffected versions = libtommath-1.2.0-1.rv31 affected versions libtommath-1.2.0-1.rv31 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

[SECURITY] [DLA 4378-1] r-cran-gh security update

Debian LTS Advisory DLA-4378-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert November 25, 2025 https://wiki.debian.org/LTS Package : r-cran-gh Version : 1.2.0-1+deb11u1 CVE ID : CVE-2025-54956 Debian Bug : 1110481 A vulnerability has been discovered in r-cran-gh,...

EUVD-2023-58170

Malicious code in bioql PyPI...

CVE-2023-5897 Cross-Site Request Forgery (CSRF) in pkp/customLocale

Cross-Site Request Forgery CSRF in GitHub repository pkp/customLocale prior to 1.2.0-1...

PKP Plugin Custom Locale Cross-Site Request Forgery Vulnerability

PKP Plugin Custom Locale is a plugin from PKP Inc. A cross-site request forgery vulnerability exists in PKP Plugin Custom Locale versions prior to 1.2.0-1, which stems from a missing CSRF check and can be exploited by an attacker to send a fake request to a user...

Debian DLA-2445-1 : libmaxminddb security update

A heap-based buffer over-read has been found in libmaxminddb, an IP geolocation database library. This could be exploited when the mmdblookup tool is used to open a specially crafted database file. For Debian 9 stretch, this problem has been fixed in version 1.2.0-1+deb9u1. We recommend that you...

DSA-1957-1 aria2 - arbitrary code execution

Bulletin has no description...