CLEANSTART-2026-DK45320 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33816, CVE-2026-35469, ghsa-j88v-2chj-qfwx applied in versions: 1.24.4-r0, 1.28.1-r0, 1.28.1-r1, 1.28.1-r2, 1.28.2-r0

Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Patrik Simek from Czech Republic. It allows running untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.2 have security vulnerabilities. There is currently no information regarding these...

CVE-2025-6593

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

Fedora: Security Advisory (FEDORA-2026-5f7d0a5656)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : thunderbird (RHSA-2026:1487)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1487 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Spoofing issue in the Downloads Panel component...

EUVD-2019-4193

Malware in sbrugna...

EUVD-2024-52932

Malicious code in bioql PyPI...

Fedora: Security Advisory (FEDORA-2025-4e3048ea55)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-41921

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python...

CVE-2025-32918

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...

PT-2025-27938 · Mobiloud · Mobiloud

Name of the Vulnerable Software and Affected Versions: MobiLoud versions n/a through 4.6.5 Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. Recommendations: For versions n/a through 4.6....

PT-2025-27809 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - Scribunto Extension versions 1.39.0 through 1.39.11 Mediawiki - Scribunto Extension versions 1.42.0 through 1.42.6 Mediawiki - Scribunto Extension versions 1.43.0 through 1.43.1 Description: The issue is related to an Improper...

SUSE: Security Advisory (SUSE-SU-2025:02119-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-6543

creationtimestamp| type| source ---|---|--- 2025-06-25 12:51:00+00:00| seen| https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html 2025-06-25 13:50:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19439 2025-06-25 14:54:41+00:00| exploited|...

CVE-2022-50037

In the Linux kernel, the following vulnerability has been resolved: drm/i915/ttm: don't leak the ccs state The kernel only manages the ccs state with lmem-only objects, however the kernel should still take care not to leak the CCS state from the previous user. cherry picked from commit...

CVE-2022-49973

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fix wrong last sg check in skmsgrecvmsg Fix one kernel NULL pointer dereference as below: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0xa0 224.462463 tcpbpfrecvmsg+0x12e/0x220...

CVE-2022-50188

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in mesonencoderhdmiinit offinddevicebynode takes reference, we should use putdevice to release it when not need anymore. Add missing putdevice in error path to avoid refcount leak...

CVE-2022-50189

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an open file pointer. Fix this by fclosing the file before the return. Detected using static analysis with cppcheck:...

CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

PT-2025-25722 · Unknown · Ebook Store

Name of the Vulnerable Software and Affected Versions: Ebook Store versions n/a through 5.8008 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...