142353 matches found
Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, bundled with WebSphere Remote Server, are affected by a denial of service due to jose4j (CVE-2024-29371)
Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and IBM WebSphere Application Server Liberty has been published in a security...
DEBIAN-CVE-2026-55379
Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdfchar read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new without calling Image.decompressionbombcheck, bypassing Pillow's documented decompression bomb protection...
DEBIAN-CVE-2026-54291
pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to...
DEBIAN-CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
DEBIAN-CVE-2026-13122
OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...
DEBIAN-CVE-2026-58380
A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption,...
ECHO-3143-27BF-6FFE
Bulletin has no description...
ECHO-D6CD-CD8E-DA88
Bulletin has no description...
ECHO-A7A1-BDCD-AE94
Bulletin has no description...
ECHO-E539-F67B-C9C9
Bulletin has no description...
DEBIAN-CVE-2026-13705
Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...
MINI-5733-WRWR-258R
Bulletin has no description...
MINI-JGFQ-87F3-WQGC
Bulletin has no description...
MINI-XXRQ-Q98H-7MQ5
Bulletin has no description...
MINI-8G9P-25X8-HXJW
Bulletin has no description...
MINI-PFJ3-JR83-V6PM
Bulletin has no description...
MINI-R2XV-QXJR-WVJ4
Bulletin has no description...
MINI-V7M7-JF53-7M7W
Bulletin has no description...
MINI-5J8W-QM47-3CWV
Bulletin has no description...
MINI-FFX6-X63R-8Q8F
Bulletin has no description...