TYPO3-CORE-SA-2026-006: TYPO3 HTML Sanitizer allows Cross-Site Scripting

More info at https://typo3.org/security/advisory/typo3-core-sa-2026-006...

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test management is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Test management Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting to an...

SUSE CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

PT-2026-38337

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.4.9.7 Description A NULL pointer dereference occurs when a CERT cell is received out of order. A NULL pointer dereference is a runtime error that happens when a program attempts to read or write to a memory address that...

CVE-2025-36059

IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 006. IBM Cloud Pak for Business Automation could allow a local user with access to the container to execute OS system calls...

EUVD-2023-12155

Malicious code in bioql PyPI...

EUVD-2025-7144

Malicious code in bioql PyPI...

CVE-2018-4467

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious...

CERTFR-2025-CTI-006

creationtimestamp| type| source ---|---|--- 2025-04-29 13:07:36+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3lnxdxzdtkz2d 2025-04-29 13:07:46+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/114421403168054880 2025-04-30 07:38:56+00:00| seen|...

Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2025-006)

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2LIBREOFFICE-2025-006 advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An...

CVE-2025-3061 Material Admin - Critical - Unsupported - SA-CONTRIB-2025-006

Vulnerability in Drupal Material Admin.This issue affects Material Admin:...

OpenBSD 安全漏洞

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD organization. A security vulnerability exists in OpenBSD versions prior to 7.6 errata 006 and prior to 7.5 errata 015, which stems from wg4 traffic that could cause the kernel to crash...

CVE-2024-11148

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd8 is vulnerable to a NULL dereference when handling a malformed fastcgi request...

CVE-2024-11148

CVE-2024-11148 affects OpenBSD 7.3 before errata 020 and OpenBSD 7.4 before errata 006, where httpd(8) is vulnerable to a NULL dereference when processing malformed FastCGI requests. The underlying issue is a null dereference in the HTTP server’s FastCGI handling path, leading to denial of servic...

OpenBSD 安全漏洞

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD organization. A security vulnerability exists in OpenBSD versions prior to OpenBSD 7.4 errata 006 and OpenBSD versions prior to OpenBSD 7.3 errata 020, which stems from a NULL dereference in httpd8 when...

Drupal Multiple Vulnerabilities (Nov 2024) - Windows

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

Drupal Multiple Vulnerabilities (Nov 2024) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

GO-2024-3081 CWA-2024-006: wasmd non-deterministic module_query_safe query in github.com/CosmWasm/wasmd

CWA-2024-006: wasmd non-deterministic modulequerysafe query in github.com/CosmWasm/wasmd...

CWA-2024-006: wasmd non-deterministic module_query_safe query

Component: wasmd Criticality: Medium ACMv1: I:Moderate; L:Likely Patched versions: wasmd 0.53.0 See CWA-2024-006 for more details...

VulnCheck KEV: CVE-2018-5019

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...