CVE-2026-24182

CVE-2026-24182 affects NVIDIA GPU Display Drivers (Windows and Linux). The NVIDIA security bulletin lists multiple vulnerabilities addressed in May 2026 updates, including CVE-2026-24182 (leak of held driver locks) with potential for denial of service, and also CVE-2026-24187, 24190, 24191, 24192...

HCL Sametime 安全漏洞

HCL Sametime is a conference solution developed by the Indian company HCL. There is a security vulnerability in HCL Sametime for iOS. This vulnerability stems from the leakage of sensitive information, which may lead to the inclusion of host name information in application logs and certain URLs...

CVE-2024-41674

CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL potentially including credentials could be leaked to packagesearch calls as part of the returned error message. This has been patched ...

CVE-2025-64299

LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes...

Amazon Linux 2 : nerdctl, --advisory ALAS2-2025-3060 (ALAS-2025-3060)

The version of nerdctl installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3060 advisory. go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065 Tenable has extracted...

CVE-2025-12114

Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

EUVD-2017-0126

Malware in sbrugna...

EUVD-2024-3430

Malicious code in bioql PyPI...

EUVD-2023-54242

Malicious code in bioql PyPI...

EUVD-2022-15805

Malicious code in bioql PyPI...

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...

Amazon Linux 2 : nerdctl (ALAS-2025-2921)

The version of nerdctl installed on the remote host is prior to 2.1.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2921 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information...

CVE-2022-2270

An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab was leaking Conan packages names due to incorrect permissions verification...

PT-2025-18127 · Apple · Macos Sonoma +6

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 tvOS versions prior to 18.4 macOS Ventura versions prior to 13.7.5 iPadOS versions prior to 17.7.6 macOS Sonoma versions prior to 14.7.5 iOS versions prior to 18.4 iPadOS versions prior to 18.4 visionOS versions...

CVE-2022-49469 btrfs: fix anon_dev leak in create_subvol()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anondev leak in createsubvol When btrfsqgroupinherit, btrfsalloctreeblock, or btrfsinsertroot fail in createsubvol, we return without freeing anondev. Reorganize the error handling in createsubvol to fix this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the s2250-board not releasing the i2c device in the probe resulting in a leak...

CVE-2025-0167

The CVE-2025-0167 issue affects curl (libcurl) and arises when both using a .netrc for credentials and following HTTP redirects. The root cause, as described across connected documents, is that the netrc entry can omit login and password (or a default entry omits both), which may allow the passwo...

CVE-2024-22004

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application...

PT-2023-12039 · Elastic · Apm .Net Agent

Name of the Vulnerable Software and Affected Versions: Elastic APM .NET Agent affected versions not specified Description: The issue concerns the Elastic APM .NET Agent leaking sensitive HTTP header information when logging application error details. Normally, the agent sanitizes sensitive HTTP...

CVE-2023-0838

An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342...