CVE-2026-44942

CVE-2026-44942 affects libzypp: a path traversal in handling the "path" component of .repo files could allow writing outside the zypp cache. The issue affects the 17.x series (before 17.38.13) and before 16.22.19. OpenSUSE Tumbleweed/ SUSE advisories indicate this vulnerability is fixed in libzyp...

GHSA-982W-2WQP-Q964 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-21-openj9...

UBUNTU-CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

PT-2026-37922

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

CVE-2025-14914

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution...

Siemens Ruggedcom ROX Incorrect Authorization (CVE-2021-35567)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attack...

EUVD-2025-24464

Malicious code in bioql PyPI...

CVE-2016-3498 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-21-openj9...

GHSA-MHXJ-85R3-2X55 file-type vulnerable to Infinite Loop via malformed MKV file

An issue was discovered in the file-type package from 13.0.0 until 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack when...

Trend Micro Security 安全漏洞

Trend Micro Security Consumer is an antivirus software from Trend Micro. A security vulnerability exists in Trend Micro Security Consumer versions 17 through 17.7.1383 that originates from exposing a dangerous method in the application. A local attacker could exploit the vulnerability to gain...

Oracle OpenJDK Multiple Vulnerabilities (Oct 2021)

Oracle OpenJDK is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

UBUNTU-CVE-2021-35556

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

PT-2020-16952 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 13.x through 13.37.0 Asterisk Open Source versions 16.x through 16.14.0 Asterisk Open Source versions 17.x through 17.8.0 Asterisk Open Source versions 18.x through 18.0.0 Certified Asterisk versions prior to...