26 matches found
CLSA-2026-1777365744 libarchive: Fix of CVE-2026-5121
Fix CVE-2026-5121: heap buffer overflow in ISO9660 reader via invalid pzlog2bs value in Rock Ridge ZF extension...
CLSA-2026-1777366496 libarchive: Fix of CVE-2026-5121
Fix CVE-2026-5121: heap buffer overflow in ISO9660 reader via invalid pzlog2bs value in Rock Ridge ZF extension...
ap-proxy-client (>=0.3.0 <=0.8.0), ap-proxy-protocol (>=0.3.0 <=0.8.0) +2 more potentially affected by CVE-2026-24850 via ml-dsa (=0.0.4)
ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on ml-dsa and may be impacted: - ap-proxy-client =0.3.0, =0.3.0, =0.1.0, =0.0.1-pre.0, =0.0.12 Source cves: CVE-2026-24850 Source advisory: OSV:GHSA-5X2R-HC65-25F9...
EUVD-2024-50560
Malicious code in bioql PyPI...
EUVD-2022-2098
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-_zf (npm)
The package @zalastax/nolb-_zf was found to contain malicious code...
MAL-2025-10615 Malicious code in @zalastax/nolb-_zf (npm)
The package @zalastax/nolb-_zf was found to contain malicious code...
CVE-2024-12054
ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess service seeds, which may allow an attacker to remotely (proximal/adjacent with RF equipment or via pivot from J2497 telematics devices) call diagnostic...
CVE-2024-12054 ZF Roll Stability Support Plus (RSSPlus) Authentication Bypass By Primary Weakness
ZF Roll Stability Support Plus (RSSPlus) is vulnerable to an authentication bypass vulnerability targeting deterministic RSSPlus SecurityAccess service seeds, which may allow an attacker to remotely (proximal/adjacent with RF equipment or via pivot from J2497 telematics devices) call diagnostic...
CVE-2024-12054
CVE-2024-12054 concerns ZF Roll Stability Support Plus (RSSPlus). The vulnerability is an authentication bypass in the deterministic RSSPlus SecurityAccess service seeds, enabling an attacker — proximate with RF equipment or via pivot from J2497 telematics devices — to remotely call diagnostic fu...
ZF Roll Stability Support Plus security vulnerability
ZF Roll Stability Support Plus (ZF RSSPlus) is an industrial control application from ZF Corporation. A security vulnerability exists in ZF Roll Stability Support Plus that originates in the deterministic security access service seed, resulting in authentication bypass...
Malicious code in zf-apigility (npm)
Source: ghsa-malware (76f7f25b98a2fb2e5c3d03a497a3732a067e5e1b6e7334a7aaf06310777b479e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8317 Malicious code in zf-apigility (npm)
Source: ghsa-malware (76f7f25b98a2fb2e5c3d03a497a3732a067e5e1b6e7334a7aaf06310777b479e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect
Cross-site scripting (XSS) vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...
GHSA-33RH-5HVF-5JJP ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect
Cross-site scripting (XSS) vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...
A vulnerability in the FuseISO disk mounting software allows an attacker to trigger a service failure or cause other adverse effects.
The vulnerability in the isofs_real_read_zf function in isofs.c in the FuseISO disk mounting software is caused by an integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure (application termination), or possibly have other effects due to the large size of the ZF...
FuseISO Integer Overflow Vulnerability
FuseISO is an open source FUSE module for mounting ISO filesystems such as .iso, .nrg, .bin, .mdf, and .img images, developed by software developer Adam Rimon. An integer overflow vulnerability exists in the 'isofs_real_read_zf' function in the isofs.c file in FuseISO 20070708 and earlier versions. ...
DEBIAN-CVE-2015-8836
Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow...
UBUNTU-CVE-2015-8836
Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow...
zf-oauth2 security bypass vulnerability
OAuth is an open web standard for authorization that is widely used around the world and is currently in version 2.0. A security bypass vulnerability exists in zf-oauth2, which can be exploited by an attacker to bypass security restrictions and perform unauthorized operations...