1744 matches found
BELL-CVE-2026-22980
Bulletin has no description...
DEBIAN-CVE-2026-1299
The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...
DEBIAN-CVE-2026-22991
In the Linux kernel, the following vulnerability has been resolved: libceph: make freechooseargmap resilient to partial allocation freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if allocation of argmap-args fails,...
DEBIAN-CVE-2026-22988
In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...
DEBIAN-CVE-2026-22983
In the Linux kernel, the following vulnerability has been resolved: net: do not write to msggetinq in callee NULL pointer dereference fix. msggetinq is an input field from caller to callee. Don't set it in the callee, as the caller may not clear it on struct reuse. This is a kernel-internal varia...
DEBIAN-CVE-2025-67125
A signed integer overflow in docopt.cpp v0.6.2 LeafPattern::match in docoptprivate.h when merging occurrence counters e.g., default LONGMAX + first user "-v/--verbose" can cause counter wrap negative/unbounded semantics and lead to logic/policy bypass in applications that rely on occurrence-based...
CLSA-2026-1769162862 gnupg2: Fix of CVE-2025-68973
CVE-2025-68973: fix faulty double increment...
DEBIAN-CVE-2026-1225
ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...
BELL-CVE-2025-15366
Bulletin has no description...
DEBIAN-CVE-2025-13878
Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...
ECHO-E561-1DAF-C313
Bulletin has no description...
RHSA-2026:0774 Red Hat Security Advisory: poppler security update
Bulletin has no description...
DEBIAN-CVE-2026-0902
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
MiracleLinux 8 : fence-agents-4.2.1-129.el8 (AXSA:2024-8238:06)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8238:06 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 pycryptodome: side-channel leakage fo...
MINI-R6VM-M3WM-6GPP
Bulletin has no description...
DEBIAN-CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
BELL-CVE-2025-71136
Bulletin has no description...
BELL-CVE-2025-71095
Bulletin has no description...
BELL-CVE-2025-68797
Bulletin has no description...
ECHO-632E-FE3E-8680
Bulletin has no description...