Joern 4.0.528

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

[SECURITY] Fedora 44 Update: valkey-9.0.3-1.fc44

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

CVE-2019-18212

XMLLanguageService.java in XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal...

Denial Of Service (DoS)

processwire/processwire is vulnerable to Denial of Service. The vulnerability is due to automatic extraction of user-supplied ZIP files uploaded via Language Support without size or resource limits prior to validation, which allows an attacker with low privileges to upload a crafted ZIP and trigg...

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

ProcessWire CMS vulnerable to resource-exhaustion Denial of Service

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

Data Amplification

Overview processwire/processwire is a CMS/CMF. Affected versions of this package are vulnerable to Data Amplification via the Language Support admin interface. A user with lang-edit permission can cause resource exhaustion by uploading a malicious ZIP file that is automatically extracted without...

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service...

CVE-2025-60790

CVE-2025-60790 affects ProcessWire CMS 3.0.246. A low-privileged user with lang-edit can upload a crafted ZIP via Language Support, which is auto-extracted without limits before validation, causing resource-exhaustion and a Denial of Service. The issue is documented across multiple feeds (NVD, Re...

[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

EUVD-2003-0083

Malware in sbrugna...

EUVD-2020-2946

Malware in sbrugna...

EUVD-2021-2442

Malware in sbrugna...

EUVD-2021-1745

Malware in sbrugna...

Google Android Information Disclosure Vulnerability (CNVD-2025-28667)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to a logic error in the onCreate function in NotificationAccessConfirmationActivity.java that results in incorrect validation of the Correct Intent...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to a logic error in the onCreate function in NotificationAccessConfirmationActivity.java that results in incorrect validation of the Correct Intent...

July 8, 2025—KB5062572 (OS Build 20348.3932)

July 8, 2025—KB5062572 OS Build 20348.3932 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...