3601 matches found
CLSA-2025-1742472545 kernel: Fix of 9 CVEs
USB: serial: ioedgeport: fix use after free in debug printk CVE-2024-50267 - HID: core: zero-initialize the report buffer CVE-2024-50302 - dm cache: fix potential out-of-bounds access on the first resume CVE-2024-50278 - dm cache: fix out-of-bounds access to the dirty bitset when resizing...
RLSA-2025:1309 Moderate: gcc-toolset-13-gcc security update
The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
RLSA-2025:1300 Moderate: gcc-toolset-14-gcc security update
The gcc-toolset-14-gcc13 package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
bcc bug fix update
An update is available for bcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel...
RLSA-2025:1346 Moderate: gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including...
CVE-2025-27789
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
CVE-2025-27789
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...
Babel 安全漏洞
Babel is a compiler for JavaScript in the Babel open source. A security vulnerability exists in Babel versions prior to 7.26.10 and prior to 8.0.0-alpha.17, which stems from a .replace method generated when compiling regular expression named capture groups that has a quadratic complexity on certa...
@aosweb/osui (>=0.0.23 <=0.0.25), @baosight/er (>=0.1.87 <=0.3.2) +44 more potentially affected by CVE-2025-27597 via @intlify/message-resolver (>=9.1.0 <=9.1.10)
@intlify/message-resolver NPM version =9.1.0, =0.0.23, =0.1.87, =9.14.2, =9.14.2, =0.3.1, =0.5.0, =1.9.7, =9.1.0, =9.1.0, =9.1.0, =9.1.0, =9.1.0, =3.0.0-alpha, =1.8.9, =2.14.0-alpha.3 and more Source cves: CVE-2025-27597 Source advisory: OSV:GHSA-P2PH-7G93-HW3M...
CLSA-2025-1741290577 gcc: Fix of CVE-2020-11023
CVE-2020-11023: fix jQuery untrusted code execution vulnerability in the documentation...
Linux Distros Unpatched Vulnerability : CVE-2024-50383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in...
CVE-2025-25142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
Linux Distros Unpatched Vulnerability : CVE-2023-29405
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The go command may execute arbitrary code at build time when using cgo. This may occur when running go get on a malicious module, or when running any other...
Linux Distros Unpatched Vulnerability : CVE-2015-5276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which...
CVE-2025-25142
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
CVE-2025-25142 WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound WP Less Compiler allows Stored XSS. This issue affects WP Less Compiler: from n/a through 1.3.0...
CVE-2025-25142 WordPress WP Less Compiler plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in The Jake Group WP Less Compiler wp-less-compiler allows Stored XSS.This issue affects WP Less Compiler: from n/a through = 1.3.0...
CVE-2025-25142
CVE-2025-25142 describes a Stored XSS vulnerability in the WordPress WP Less Compiler plugin (versions up to 1.3.0). The issue arises from improper neutralization of input during web page generation, allowing attacker-supplied input to be stored and later reflected in pages. The advisory lists WP...