Astra Linux – Vulnerability in libde265

A buffer overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code through the SAO Sample Adaptive Offset processing of libde265...

CVE-2025-6014

Vault and Vault Enterprise’s “Vault” TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

CVE-2025-6011

A timing side channel in Vault and Vault Enterprise’s “Vault” userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise...

HashiCorp Vault Community Edition和HashiCorp Vault Enterprise 安全漏洞

HashiCorp Vault Enterprise and HashiCorp Vault Community Edition are both products of HashiCorp, Inc. of the U.S. HashiCorp Vault Enterprise is an enterprise information archiving platform.HashiCorp Vault HashiCorp Vault Enterprise is an enterprise information archiving platform, and HashiCorp...

@basemachina/ai-csv-editor (>=0.1.0 <=0.2.1), @edgebasejs/admin-console (=0.1.0) +14 more potentially affected by CVE-2025-6087 +1 more via @opennextjs/cloudflare (>=1.0.1 <=1.19.7)

@opennextjs/cloudflare NPM version =1.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.0.694, =0.0.1, =0.0.6 - next-ai-draw-io =0.4.10 - opennext-oss-provider =0.0.1 and more Source cves: CVE-2025-6087, CVE-2026-3125 Source advisory: OSV:GHSA-RVPW-P7VW-WJ3M...

SUSE CVE-2025-29482

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO Sample Adaptive Offset processing of libde265...

DEBIAN-CVE-2025-29482

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO Sample Adaptive Offset processing of libde265...

CVE-2025-29482

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO Sample Adaptive Offset processing of libde265...

libheif 安全漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder from struktur open source. A security vulnerability exists in libheif version 1.19.7, which originates from the ability of a local attacker to execute arbitrary code via SAO processing resulting in a buffer overflow...

CVE-2024-54159

stalld through 1.19.7 allows local users to cause a denial of service file overwrite via a /tmp/rtthrottle symlink attack...

Stalld 安全漏洞

stalld is a Linux tool from rt-linux-tools open source. A security vulnerability exists in Stalld 1.19.7 and earlier versions, which stems from a denial of service vulnerability that allows local users to cause a denial of service via a /tmp/rtthrottle symbolic link attack...

CVE-2024-54159

Summary of CVE-2024-54159 findings : The vulnerability affects the stalld daemon (scheduling-throttle helper) where, up to versions 1.19.7, local attackers can trigger a denial-of-service via a /tmp/rtthrottle symbolic link attack that can cause file overwrites. Documented impact is local, with l...

SUSE-SU-2023:1815-1 Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issue: - rebuilt using go1.19.7 to fix bugs and security issues...

[SECURITY] Fedora 36 Update: golang-1.19.7-1.fc36

The Go Programming Language...

[SECURITY] Fedora 37 Update: golang-1.19.7-1.fc37

The Go Programming Language...

Security fix for the ALT Linux 10 package golang version 1.19.7-alt1

1.19.7-alt1 built March 10, 2023 Alexey Shabalin in task 316367 March 7, 2023 Alexey Shabalin - New version 1.19.7 Fixes: CVE-2023-24532...

NodeBB < 1.19.8, 2.x < 2.0.1 Account Takeover Vulnerability

NodeBB is prone to an account takeover vulnerability via a cryptographically weak PRNG in SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2022-4655 · Nodebb · Nodebb

Name of the Vulnerable Software and Affected Versions: NodeBB Forum Software versions prior to 1.19.7 NodeBB Forum Software versions prior to 2.0.0 Description: The utils.generateUUID helper function in NodeBB Forum Software uses a cryptographically insecure pseudo-random number generator...