Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...
CVE-2025-8661
A stored Cross-Site Scripting (XSS) vulnerability occurs when the server does not properly validate or encode the data entered by the user...
CVE-2025-8661 Stored Cross-Site Scripting in Symantec PGP Encryption 11.0.1
A stored Cross-Site Scripting (XSS) vulnerability occurs when the server does not properly validate or encode the data entered by the user...
CVE-2025-8661
CVE-2025-8661 is described as a stored Cross-Site Scripting (XSS) vulnerability in Symantec PGP Encryption 11.0.1, arising from improper validation/encoding of user-supplied data. Per the initial entry, the CVSS 3.1 base score is 6.1 (Medium) with Network attack vector, user interaction required,...
SUSE-SU-2025:02746-1 Security update for zabbix
This update for zabbix fixes the following issues: - CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. bsc1233834 - CVE-2024-22117: Fixed a bug that can cause the map element to crash when new URLs are added. bsc1233791...
PT-2025-32529 · Broadcom · Symantec Pgp Encryption
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A stored Cross-Site Scripting (XSS) vulnerability occurs when the server does not properly validate or encode user-provided data. Recommendations: At the moment, there is no information about a newer...
Broadcom Symantec PGP Encryption Security Vulnerability
Broadcom Symantec PGP Encryption is a data encryption software from Broadcom, Inc. A security vulnerability exists in Broadcom Symantec PGP Encryption that originates from the server not properly validating or encoding user input data, which could lead to a stored cross-site scripting attack...
Linux Distros Unpatched Vulnerability : CVE-2020-1935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some...
Linux Distros Unpatched Vulnerability : CVE-2020-12409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using certain blank characters in a URL, they were incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox 77...
CVE-2012-10043 ActFax 4.32 Client Importer Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy duri...
gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
Linux Distros Unpatched Vulnerability : CVE-2024-6827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default...
MambaITD: an Efficient Cross-Modal Mamba Network for Insider Threat Detection
Enterprises are facing increasing risks of insider threats, while existing detection methods are unable to effectively address these challenges due to reasons such as insufficient temporal dynamic feature modeling, computational efficiency and real-time bottlenecks and cross-modal information...
CLSA-2025-1754412086 nodejs: Fix of CVE-2024-22019
CVE-2024-22019: fix resource exhaustion and DoS vulnerability by limiting number of bytes read from a single connection when handling HTTP requests with chunked encoding...
PT-2025-40877
Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description The software is susceptible to an issue when decoding OpenEXR files that utilize DWAA or DWAB compression. Specifically, the length of run-length-encoded data is not validated during the decoding...
The vulnerabilities of the "Support per-file encoding" and "Show origin of this line" functions in the Gitk browser allow attackers to gain unauthorized access to create and delete user files.
The vulnerability of the Support per-file encoding and Show origin of this line functions in the Gitk browser exists because measures to eliminate special elements are not taken. Exploiting this vulnerability can allow an intruder to gain unauthorized access to create and delete user files...
The vulnerability of the g_F_n_GenPassForQlync function in the microprogramming software of D-Link DCS-7517 cameras allows an intruder to compromise the confidentiality of the protected information.
The vulnerability of the gFnGenPassForQlync function in the microprogramming software of D-Link DCS-7517 cameras is related to the use of fixed password encoding. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the information being protected...