Updated perl-YAML-Syck package fixes security vulnerability

YAML::Syck versions before 1.38 for Perl have an out-of-bounds read...

EUVD-2025-208690

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 allow a low privileged user to read an administrator's password by directly accessing a specific resource inaccessible via a graphical interface. This issue has been fixed in firmware versions: 1.36 for tcPDU, 1.67 for LK3...

BROther BRAgent security vulnerabilities

Brother BRAgent is a component of the printing management software developed by the American company Brother. Version 1.38 of Brother BRAgent contains a security vulnerability. This vulnerability stems from the WBAAgentClient service having a service path that is not enclosed in quotes, which may...

EUVD-2025-11894

Malicious code in bioql PyPI...

CVE-2022-40011

Typora through 1.3.8 allows XSS if a document containing an SVG element with an attacker-controlled onload attribute is exported and then used at a victim's origin...

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

Typora 跨站脚本漏洞

Typora is a Typora open source editor. Typora version 1.38 cross-site scripting vulnerability , the vulnerability stems from a remote attacker can achieve arbitrary code execution through the editor export operation...

SHTTPD 1.38 Filename Parse Error Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24618/info SHTTPD is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects SHTTPD 1.38; other versions ma...