CVE-2026-1149

creationtimestamp| type| source ---|---|--- 2026-01-19 12:22:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcrmzocqej2y...

Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2025-1149)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1149 advisory. Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0...

TencentOS Server 3: nss bug fix and enhancement update (Moderate) (TSSA-2024:1149)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1149 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2013-1149

Cisco Adaptive Security Appliances ASA devices with software 7.x before 7.25.10, 8.0 before 8.05.28, 8.1 and 8.2 before 8.25.35, 8.3 before 8.32.34, 8.4 before 8.44.11, 8.6 before 8.61.10, and 8.7 before 8.71.3, and Cisco Firewall Services Module FWSM software 3.1 and 3.2 before 3.224.1 and 4.0 a...

CVE-2025-1149

A flaw was found in GNU Binutils. This vulnerability allows a memory leak via the xstrdup function. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicabilit...

AZL-56636 CVE-2025-1149 affecting package gdb 11.2-10

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

CVE-2025-1149

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

AZL-56615 CVE-2025-1149 affecting package binutils 2.41-10

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

CVE-2025-1149

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

CVE-2025-1149

CVE-2025-1149 affects GNU Binutils 2.43, specifically the xstrdup path in libiberty/xmalloc.c used by ld, causing a memory leak. The issue can be exploited remotely and is described as high attack complexity with the exploit publicly disclosed. Reports indicate fixes have been committed to the ma...

CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

CVE-2025-1149

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

CVE-2024-43368

The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a text/html content type. However, Trix only checks the...

CVE-2024-43368 Trix has a Cross-Site Scripting (XSS) vulnerability on copy & paste

The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a text/html content type. However, Trix only checks the...

SUSE: Security Advisory (SUSE-SU-2024:1149-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : skopeo (ELSA-2024-1149)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1149 advisory. 2:1.13.3-4 - Rebuild with golang 1.20.12: golang:net/http/internal: Denial of Service DoS via Resource Consumption via HTTP requests CVE-2023-39326 Tenable has...

RHEL 9 : skopeo (RHSA-2024:1149)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1149 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify file...

CVE-2024-1149

creationtimestamp| type| source ---|---|--- 2024-02-08 14:21:54+00:00| seen| https://t.me/ctinow/181386 2024-03-02 10:41:20+00:00| seen| https://t.me/ctinow/198311...

CVE-2024-1149

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0;...

CVE-2024-1149 Improper validation of update packages

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0;...